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Your business at your fingertips. 

With Daytite for iPad yoo'H have access to your critical business data no matter 
where you are, letting you make important business decisions even when you 
and your employees are on different sides of the world. 
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Parallels Server 
for Mac 4.0 

Fully utilize your Xserve, Mac Pro 
and Mac mini investment. 

Consolidate and run any server software you choose. 

■ Full scale hvpervtsor solution with bare metal architecture 

* Hardware-ready for saamiess integration Into existing IT infrastructures 

* Buiftnn VM and nnultiple server management and nnaintenance tools 


"Our district has already 
saved more than $50,000 
because Parallels Server 
for Mac eliminates the 
need for multiple servers. 
We anticipate more savings 
as well.” 

—Richaret BovwSer 
Director of TacTinolpgy 
hlardin School District in Montima 
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Microsoft* 

Introducing Ofnce;nnac”“ 

Transcend platforms and free your ideas 
with Microsoft* Office for Mac 2011. 
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The idea: 

Turn surfboards into art 


Serena Mitnik-Miller and Mason St. Peter of 
custom surfboard collective Two Birds Fly 
are living proof that when you're passionate 
about an idea, and you free it, beautiful 
things happen. Whether they’re managing 
orders or creating promotional materials, 
working in a trusted productivity suite helps 
them take care of business and make sure 
their big idea takes flight. 


Free the ideas. 


" , -Tio ^ at 0fficef0rmac.com/freetheidea5 
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My Mac does do Windows 


Parallels Desktop*6 for Mac. 

Simply Faster, Smarter and More Powerful 
Than Ever! 

• New! Get full control of your virtual machine with our aJI-new 
Parallels Mobile app for IPhone/iPad 

• New! Take advantage of all of the capabilities of your 64-blt Mac 
and enjoy our fastest virtual machine performance yet 

• Enhanced! Experience brilliant graphics capabilities in Windows 
applications whether you're a gamer, architect, designer or engineer 

• New! Immerse yourself in your favorite games, music 

and videos vvith rich 5.1 SuitdundSound -- - - 


Parallels 
Desktop 6 for „„ 
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. For business or for home, Parallels is the #1 choice of 

BjdCustomers worldwide* 



Ijtt iearn more^ visit www.parallets.co m/desktO|ypday. 
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Casper Suibe 8 

Comprehertsive iOS Management capabilities 
for iPad, iPhone and iPod touch devices. 

Administrators can now manage iOS devices using the same consoie 
they use to manage their Macs, benefitdng from deep rntegration 
with the Appie ecosystem while ieveraging their existing technoiogy. 



Comprehensive EOS 
Menagennent capabilities 


Self Service console 
for over“the-air (OTA) 
distribution of in-house 
and App Store apps 


Unification and 
extensibility: helping the 
enterprise succeed with 
the Apple platform 


http://www.jamfsoftware.com 


Weekly Demo 


Learn more about 
Casper Suite 8 
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From the Editor ^ 


m t's ^^WDC time, and at this point, since llie event has sold out, you're either attending or noL Of course, you 
m should be attending because conferences are for you- Really. Developers, this is a no-brainer: there’s so much 
■ to learn, particularly this year with a new OS release on the horizon, iOS developers, you're not excluded, 
either IT people: if this year's WWDC didn't interest you, you’re a bit lost. Whaaaa? 

IT staff have one of the toughest jobs: know everytliing. No one asks developers to set up a network. No 
one asks developers to manage a fleet of hundreds of machines. No one asks a developer to reset a user account 
or correct permissions on a home directory. But that—and more—Ls IT. You might think the 'and more’ part is 
setting up printers or training users. Sure, tliat’s a part of it. My issue is that the 'and more' needs to include 
development. Again: whaaaa? 

When one person needs to configure hieir machine for \TN access, you can walk them through it over the 
phone or visit them. When 1,000 machines need to he configured for VPN access, you had lietter figure out a 
way to automate the task. This involves some amount of development time. When you'd like to trigger actions 
that take place for your fleet of machines when they come onto your corporate LAN, that’s going to take some 
development time. If you'd like to ease the use of seuing some machine preferences with the use of a custom 
Preference Pane, that’s going to take some development time. IT people, you need to bi: developers, u>o. 

Now, IT people don't need In masier e%'ery facet of development. You don’t neecl to he Mark Dalrymple or 
Aaron Hillegass. But a modicum of Ruby? A smidge of Python? Basic Objective-C? Yes! Understanding basic 
development will *al5o* help you understand crash logs and aid you generally when Things Go Wrong. If you’re 
still afraid of a shell prompt, get over it: Mac OS X has been out for c4even years —tliere’s just no excuse any 
longer. 

No matter your discipline, conferences are for you because that’s where you meet the [Hfoph that are dealing 
with this technolog)' every day. The Mac ct^mmunity has the gift of many, many conferences. If you're a web 
developer, there are HTML and Rails conferences. If you’re a Mac developer, there is WWDC, of course, hut also 
many independent conierences through the year, including MacTech Conference. IT people seemingly have less 
choices, liowcver, tliat's a fallacy. IT people should be attending IT conferences along with developer 
conferences. Ncjt only do yt>u have something to learn there, but you also have scanetliing to offer: a technical 
user of the developers products. How you deploy products to end-u.sers is a worthwhile conversation to have 
with a developer. That’s along with the resources used on a machine, or bandwidth used by an application: 
these are all thing.s that developers assume are OK until they hear it from someone actually in the trenches. 
MacTech Conference offers developer and IT imcks, along witli time for all disciplines to meet. 

This month's cover story intrcxluces Cappuccinr), a familiar way for Objective-C developers to create w^eb 
sites, instead, using (^bjective-J, lliink about creating w'eb pages visually with Interface Builder making 
connections, but coding in Objective-] (for JavaScript). It's very, very cool, and you can let Johannes Fahrenkrug 
gel you started. 

This month's Mac in the Shell rounds out a way for Sys Admins to create a Glil-l>ased app that makes it 
easy for end-users lo collect specific logs and compress them for your use. 

First-time MacTech author Gaiy^ Lariziui eases you into the power of crankd, an automation tool that can 
perform tasks based on system events. Crankd, by the way, is a perfect example of the SysAdmin/deveioper 
l>enefil. As a part of the PyMacAdmin suite of tcx)ls, crankd is a Python-l)ased application created by Sys Admins, 
for Sys Admins. 

These, and all of articles in this month's issue showcase the awesome Mac community from nearly every 
angle. Speaking of showcasing the community, the MacTech Spotlight each month focuses cm one meml^er of 
tills community. This month, we hear from Justin Williams who is owner/lead developer/cTew chief of Second 
Gear Software. Second Gear makes some clever, focused applications (for both Mac OS X and iOS). Check out 
this month's MacTech Spotlight for some advice from Justin. 

If you’re at WWDC, please, contact us and say heiiof (That’s @marczak or @mactech on Twitter). If not, find 
your conference! (and let us know w^hat it is!) 

Ed Marczak, 

Executive Editor 
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Mac in the Shell 


by Edward Marczak 


Ruby and the GUI 

Adding a real Cocoa GUI 
to a MacRuby application 


Introduction 


Additionally^ don't forget that MacRuby is a separate install. As 
of this writing, version OJO (zero-dot-ten) is cunenl^ and can be 
downlcraded from http;//macruby.org. Installing the downloaded 
package will install the MacRuby framework, examples and Xcode 
templates for MacRuby development. 

The B eginning 

Before writing any code or creating a user interface, we need 
to create a new project in Xcode. Launch Xcode and youll see an 
introduaion screen. Double<Iick on ''Create a new Xcode project” 
from the choices on tlie left (see Figure 1). 


Create a new Xcode project 

Stan building a r^ew Mac, iPhone or iPad 

application from one of the inctuded templaies 

Figure 1 - Create a new project. 



'Hie last few columns Iwe been all about Ruby From the very 
basics of the Ruby language to tlie coupling of Cocoa with 
MacRuby, weVe covered it. This montli, we'll use Xcode to create 
a fuD Cocoa application. Xcode will let us create Ixjth the code and 
tlie GUI and connea tliem together. If youVe never used Xcode 
Ix^fore, don't be scared off. Ifs really painless, and the article wiO 
\ye a visual guide. 

The Project 

The prtjject iLself will be a log collector. Oftentimes, an end 
user will have an issue and you just want them to gather up all of 
their logs and send them to you. This application will help you with 
tliat by defining a list of log files you’d like put on a disk image 
(.dmg file), which will be stored on a user’s desktop, making it easy 
to retrieve. 

Like other projecTs in tliis series, the application will work, but 
lie less than perfect; well improve il as we go along and in Future 
articles. The mcxsi impc^rtanl thing to illustrate is how Xcode allows 
die GUI and the Ruby code to interact. 

To gel started, you II need a Macintosh with Xcode, Fni using 
Xccxle 4 in this article, although you should be able to translate it 
to Xcode 3- Frankly, Xcode 4 shows the direction Apple is moving 
in and as a developer, you need to keep up w ith. Also, Xcode 4 — 
w hile fine for our example—is less dian perfect, and in those cases, 
liugs need to be reported to Apple, Tliere’s no better way to be a 
m(xlel digital citizen than finding and reporting bugs. Find a bug? 
Report it at htlp://bugreportef.applexom. 

If you already have Xcode 4 (and its installed), great, if you 
need it, either you’re part of the developer program and can just 
download it from http://developer.apple.com, or, you can purcliase 
it for $4.99 from the Mac App Store. In either case, it's a 4GBf 
download, so plan for tliat time and a roughly 10-minute install. 


Once chosen, you’re immediately asked to "Chwse a template for 
your ne\v projeci." tf you've installed the latest MacRuby release 
properly, you'll see a choice for “MacRuby Application” (see Figure 
2), Choase "MacRuby Application” and click the ‘Next’ button. 


Oioote • templait tor y^r ntM pTQjtcc 


Ik M^CKK 

Sntim Rud- 'f« 
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mu Madiuhy Appik«ti«a 

IttredUlf UBCfUay, 


Figure 2 - Template selection. 


Once youVe chosen the template, Xcode has some more questions 
for you. Figure 3 shows this dialog, along witli the values you 
should enter for tliis projea. Feel free to enter a different value for 
“Company Identifier,” of course. 
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DOES YOUR APR ONLY SPEAK ENGLISH? 

Go Global and Localize with 


r 





Terminal 


a;- itunesS sh localize_with_tethras.sh myApp-xcodeproj 
Mon Hay 10 09:10:05 Starting upload of 
myApp.xcodeproj to tethras.com 
Mon Hay 10 09:10:55 English.Iproj directory 
successfully uploaded 

Mon Hay 10 09:12:13 6 files / 630 words processed 

Hon May 10 09:14:13 Pseudo-translated files written 
to /Developer/myApp/pseudo.Iproj 
Mon May 10 09:14:15 (1) Purchase French: $94.50 

Mon May 10 09:14:15 (2) Purchase German: $94.50 

Hon May 10 09:14:15 (3) Purchase Japanese: $126.00 

Mon May 10 09:14:15 (4) Purchase all: $315.00 

Enter your selection: 


French. German and Japanese 


Mon May 10 09:16:43 
purchased 

Mon May 10 09:24:01 
Mon May 10 09:24:40 
Mon May 16 09:25:02 


French sent for translation 
German sent for translation 
Japanese sent for translation 


Wed May 12 15:03:08 French files written to 
/Developer/myApp/de.Iproj 

Wed May 12 15:03:26 German files written to 
/Developer/myApp/fr.Iproj 

Wed May 12 15:03:58 Japanese files written to 
/Oeveloper/myApp/j a.Iproj 


Don’t ignore 607o of your market 

Sign up now attethras.com/wwdc2011 and 

receive any ianguage of your choice for free 


Limited to new customers. Offer limited to $100 off your final purchase price for any language you 
choose. Register before end of July to activate your code. 


’WW'-' 








Choose oi>tions for your new projects 


Product fsiamc 
Company Identifier 
Bundle Identifier 
App Store Category 


Document Class 
Document Extension 


thecol lector 

com.radiotope 

com. radictope.thecoitector 

I Ulliieg t | 

O Create Document-Based Application 
My Document 
prtydoc 

□ Use Core Data 

Include Spotlight Importer 


Figure I - Project options. 


You can certainly leave *App Store Category' at its default, but, 
this will be a utility; so, there’s no liann in setting it. 

Once these options axe set and you dick next, you'll be 
brought to the workspace in Xccxle. Figure 4 shows the default 
workspace ^ith your project options available. 


In a column on the left, you'll see the navigator pane, 
defaulting to the profect navigator. The project navigator shows all 
files (source code, resources, etc.) available to this projea. WMi the 
project selected we're looking at project options in the main, center 
pane. 

You may notice that just by creating the projea, there’s a lot 
done for you. In fact, you already have a complete, runnable 
application. Indeed, you can click the Run button in the toolbar 
right now and, after Xcode compiles the application, you’ll see a 
blank window. 

Now, you may not think that blank window is impressive on 
its own, but acfuaily, there's a lot going on! First, even though it's 
blank, the window behaves as you'd expea; you tan move it, resize 
it and close it. Also, note that you have a working menubar that also 
responds to the 'Quit' command. It is Cocoa that is taking caie of 
tliese aspects for you. 0\^er time, you’ll learn to let Coco^ take care 
of as much as possible for you. Quit the application for now, using 
tlie menu or command-Q, and let’s get back to Xcode. 

Main w 

Of all the thing.s that Xcode, and the MacRuby template, get 
set up for us are s(?me basic files. Looking in the projea navigator 
on the left, you'll notice 'AppDeiegate^rb’, which is where we’ll put 
our code, and under the Resources folder, MainMenu.xib, which 
represents our user interface (the Menubar and window along with 
all UI components), 


G O 

^ thecoUeclof - thEcollecligr .xccicle’prctJ 

n 

(ll" 1 DeploymenE \ My Mae 64-b« »J ,f l» j 

Xcode 

BB5 0 01 RlQ:Li.l \m 

mtar 





^ ApjiDeiefjei .lb 

MiinMenlj.xIb 
T OfiKT Source* 
‘jih Tb.nuJn .rti 
^ FtHci 

► i„. rramewariu 
t mt^adum 



Her Of X Apfflinlwtt T 

Tucm 







A^iectiq^ Catogorv 






Ewr.rad lompe tlwal<«iti.: 




venlort 

to Burfd 1 



A»p loon 

D«!<Dv>ncdt Twyat 

hUirt Iwffet* 

tp.i 



▼ Untiod fnmottork* Mtd Dbrarto* 


fP CfKDL^fameAorK 
MKHiibv.freiinamafk 



neaEBiftd 1 
ioquiTHf « 


+ - 

. V [MitinMoli 






App PtlAlftlpn 





EntHUrHtott fiM 

• 




nit Svinm 

AUMr unmf OittM food 

A/ldvMtcfitwe »*ta 

A-.\wm ww dieted Wni* 




NttuwX 

A iM, leepEuna WtiwoA Caortpetir n* 

Al(Mr Ci>nne*liOn» 





tows. Ctmri* Ascen 

A(ivt ■Muyigpripo* AcEtri 





Mam Addcu* 0^ Aecttt 

AdWw LatJrtJan 5irrvK«|. Accril 

At{|9» Cetondtr D«a AR«i» 

ttuiic ACt«>* 

HMnt* F««dm fmmt 



Figure 4 - Default project options 
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Back up everyone, everywhere. 



The easy, automatic way to protect all your data. 

Indivictuais, businesses and enterprises around the world count 
on Crash Ptan+, Crash Plan PRO and Crash Plan PROe to keep 
their data safe. 

You can too! Try it for free for 30 days. 

Peace of mind is just a few clicks away at crashplan.com 
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Framed! 


One thing IVe noticed with some MacRuby projects: the 
template doesn't properly pick up the MacRuby framework. 
We’ll need tliis to run the application. WMe you’re already in 
the right place—looking at the frameworks that will get 
linked in—highlight the red “MacRuby.framework” line under 
"linked Frameworks and libraries” and click the minus sign 
beneath it. Once removed, click the plus sign to add a 
framework. In tlie resulting dialog, shown in Figure 4a, type 
MacRuby to narrow the list^ highlight the MacRuby 
framework, and click the 'Add' buttcin. 

Choose frameworks and libraries to add; 

Ct macmby 

Q Mac OS X 10.6 

MacRuby.framework 


Figure 4a - Re-adding the MacRuby Framework. 

This is also how you can add a framework when needed 
in a different project. Once added, this new framework will 
show up in tlie project navigator in the left pane. If yoifre 
tidy like me, you1l drag it from the default location intc] the 
‘Frameworks' folder. 


Lefs create out interlace right now. Click (once) on the 
Mainmenu.xib file in die project navig^itor, and you’ll be brought 
into Interface Builder, Apple's GlJl lor creating GIJl.s. 

You'll l>e looking at a graph-paper inspired workspace witli 
your applications menubar ai top. If you like, go ahead anti 
double-dick on application name in die menu-bar and change it 
IV(jm tliecollector' to Tlie Collector'; Now, let’s create a user 
interfac'e. Click (once) on die object lepresendng the window' in the 
object column (see Figure 5). 


Window * thacolloctor 


I .. ^ 


Figure 5 - The window object 


Tliis will reveal die empty window diat we saw earlier when 
running die program. You should now he looking at somediing like 
what is shown in Figure 6. 


. th«cDllectDr File Edit Format View Window 


m 

A 


0 

9 



Figure 6 - Interface Builder dis|daying our window. 


Now we need to place user interface objects on die window. 
You need to expase die palette of objects by clicking on die 
appropriate view button in tlie ttxjlban Click die diird 'right panel’ 
button in die toolbar, shown in Figure 7. 



View 


Figure 7 * Expose tfie utilities and object palette. 


At die bottom of this panel, liy default, you'll see the file 
template libinr>'. We want to select objects fmm the object library^. 
Click on the object library icon (the cube), as seen in Figuie 8. 

D i}(y 

-Show the 

□ Push Button - Intercepts mouse-down 
events and sends an aaJon message to a 
target objea when It's clicked or... 


Cradient Burton - intercepts mouse- 
down events arud lends an action 
nonage to a target object when tt's... 


. _ Hounded Rect Button ^ Intercepts 

_niouse-down events and sends an 

___.Trtlrui nuKritaa larrMil nJKuwl-__ . _ 

Q 


Figure 8 ■ Selecting the object library. 
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Now we can chcxxse some intertace objects and place tliem on 
our window. You can make tlie selection easier if you use tlie 
search box at the bottom of the pane. (Again, see Figure 8.) Let's 
start witli a label Type label' into the search box, and you'll hnd 
there are two types of labels: a multi-line label and a plan, 'label/ 
Choose the multi-line variety: dick and drag it from the object 
library window to the window' the represents our application's 
w'indow'. 

You should notice tliat when you drag an objea to tlie 
window, Interface Builder helps you align it so it’s pasitioned 
properly It will liave the right spacing from tlie bordeii> of w^indows 
and away from other objects. Interlace Builder does tills with die 
blue guidelines it temporarily places on the window. Figure 9 
show^ this in action. 


n n 

j 

I 

_ I ___ 

j^ultiline ' 

Label 

I' 

I 

i 

Figure 9 - Interface Builder displaying guidelines. 


Place tlie multiline label in the upper left-liand corner of the 
window^, using the guides for placement. Once placed, hover over 
the right side of the label until the cursor turns into the double- 
arrow' cursor for resizing, and expand the label all the way to the 
right, until tlie guides show you the boundary. Next, t^^pe ‘button' 
into the object library search tx>x. Choose a push button and drag 
it to the window. Position it flush riglit and just under the existing 
label. Again, the guides will help you get the positioning just right. 
Figure 10 shows the completed interface. 


^ O Q Collector 

Clicking Collect' will gather required logs and place a .dnrrg 
file on your desktop. 

Latoel t • Quit k Collect j 


Figure 10 - The completed Ul as shown in Interface builder 

YotiVe already dragged a multiline label and button to the 
w^indow, Tliis 111 consists of die followmg additional objects—use 
any word from tlie object name to search lor it in the object liLiraiy 
(I ve put die word in bold type that you can use in the search box): 
A second push button 
A circulai' progress indicator 
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A label (plain bl single line label - stretch it across to the 
progress indicator). 

Once the objects are in place, click and drag the bottom 
window handle to lesize the w^indow itself. Again, you’ll get guides 
as you hit the right positioning. The objects themselves still have 
their default characteristics, so weT also need to make a few^ tweaks 
to these objects. The simple ones first: 

Double-click on each button to title it correctly (Figure 11 shows 
this in action). 

.#^00 ibecoUectojr 

Clicking 'Collect will gather required logs and place a .dmg Hie on 
your desktop. 

Label f \ Button | |j Coltect 

'- T 

Figure 11 - Giving a button its correct title. 

Double-click the Multiline label and type in some appropriate 

text. 

Now, choose tlie attributes inspector in the utilities pane. Figuie 
12 shows you this. 
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Figure 12 - The attributes inspector button. 

Once the attributes panel is up: 

Click on the window^ itself and ctonge the title to “The 
Collector”. 

Click on the “Collect” button, and in die attributes panel, scroll 
down until you find the ‘'Key Equivalent” attribute. Click on the Key 
Equivalent text field and press return. You should see a return 
symbol (® in the text field. 

Choose the single-line laliel and, in the attributes panel, look 
down the list and selea (put a check in tlie checkbox) under View- 
>Drawing->Hidden. We want tills to start off hidden, and well 
unliide it in code. 

Select die pn)gress indicator and easure diat Behavior- 
>Dtsplay When Stopped is uncheckL^d. 

That's it in Interface Builder for now. Let’s add a little (actual) 
code. 

Glue to Interface Builder 

As part of Xcode, Interface builder has knowledge about the 
code we write. This allows us to interact with the ccxle graphically. 
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Click on tlio ‘AppDelegate.rb' representation in the projea 
navigator. (Figure 13 shows this Fde in the navigator) 
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im! maifT.m 
tb rb^marn.rb 

▼ U Supporting ftles 

boom-info.plist 
rnfoPiist.strings 
|h boom-Prefix,pcb 

> Ld Trameworks 

► i C| Products 

Figure 13 - AppDelegate.rb in the project navigator. 

To Ix^gin witli, AppDelegaie.rh starts olT with a liasic shell: 

clas^% AppDelegate 

attr„ac£easor :window 

def appUcationDidFinishLaunchlng(a_notification) 

// inspiL code here lo iniilaJJce yoin applicaticji] 

'^nil 

end 


Tliis represents one class, named AppDelegate’ that contains 
one metlaod; 

applicationDidFinishLaunching;(NSNotific:ation*)aNotification. 
The appIicationDidFinishLaunching method is one of those bits of 
magic that the Cocoa framework gives us. This is called by 
NSAppliaition once die application finishes launching, We’re not 
going to use this partkoilar funaionalit}^ in this applic'ation, but do 
know it's there for you. Now, onto code that we wilJ use. 

You may notice tliat the first line in the AppDelegate class is 
a variable of type atir_accessor. Ruby provides a one-line way of 
cTeating an attribute accessor. You get lioth a getter and a setter 
for the given variable. (For more on accessors, see 
http://www.raby'doc.Qrg/docs/UsersGuide/rg/accessors,htfnL) Tliese 
class attributes are also how Interface Builder knows how^ to tie 
into your code. They provide the glue, ,so to speak, The :window 
accessor provided by the template allows our ckiss to interact 
witit tlie predefined window. Lefs eremite some for die rest of our 
U1 elements. 

Add the following lines to the AppDelegate class in die 
AppDelegate.rb file, direedy following die 'atlr_accessor nvindow’ 
line: 

# xCb : oriiponents 
attr^accessor :qiLlt, : collect 
artc_accessor :status_label, :spinner 

These attributes represent the two buttons, cfuit and collect, 
our single line label and our circular progress indicator. Next, let’s 
add a class methcxl so the collect button has .somediing to take 
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action on. (Effectively, what do we want to hajDpen when the 
'Collect’ button is pressed?) Add the following code directly after the 
applicationDidFinishlauncIiing method: 

def collectLogs(sender) 

puts '"Running the collectLcge net hod" 
end 

Wliile this doesn't retiUy do much, let’s go make it wotk. 

Wire it Up 

Go back into Interlace Builder by selecting (clicking once) on 
the MainMenu.xib fde b the project navigator. If you hover over the 
objects b die column along the left of interfac'e builder, youll 
notice tliat one of the objects Ls named “App Delegate”. This is 
‘glued' to our AppDelegate class and its code. 

We can send actions to or fium objects cTcated b Interface 
Builder to the code in our ApplTelegate class. Like everything else 
in Interface Buildec this is done gniphically Interface Builder has 


Attachment issues 


How does Interface Builder know to attach this class 
object to our class named AppDelegate? You can see for 
yourself. In interface Builder, click once on the App Delegate 
object (the blue cube named “App Delegate) and then select 
the Identity Inspector in the utilities pane. Youll see that the 
App Delegate is pointing to the class named “AppDelegate.” 
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Fig 13a ^ Interface Builder pointing an object to a specific class. 

We could point this to a different class (if we had one), 
or, we cciuld assign other objects in Interface Builder to other 
classes. This isn’t necessary in this simple example, hut you 
can see how this allows more complex applications to be 
built. 


gone through our code, kx)ked at acc:essor variables and methods 
and lets us make connections. You need to i?oint olTjects that need 
to know about each other, to one another. We do that with a 
control-drag (hold down the control key while you dick and diug). 
You control drag_/h:Jm the object that needs to knnw^ io the object 
it needs to know alxjut. Sometimes, tills is a one way relationship— 
our status label, for instance, as we only set it—and sometbies it's 
a mo-way relationship—for example, our Collect button, as it calls 
a method, and then tliat method CTin change the state of the button. 
Let’s go do all of this now, 
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Start by control dragging jkym the Collect biiEon to the App 
Delegate objea. Figure 14 shows this in action. 
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Figure 14- Connecting objects. 
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Once you release die drag, die App Delegate object will 
display the acdons it am iieceive. Since we’ve only written one 
method, that’s all we’re offered and can connect. Figure 15 shows 
how Interface Builder displays this. Click on the ’collectLogs’ action 
in the pop-up menu to make die connection. 


Received Actions 
m collectLogs: 


n 


Figure 15 > Making the connection. 


Now we need to alst) let the App Delegate class know about 
the Cxillect button. ControWragyh>m the App Delegate objecl icon 
/f; die Collect button. You'll find that Interlace Builder doesn’t know 
which of our outlets to Lis.sign to this object. An oudet is formed 
fnim our ac'teasor variables, and allows our code to act on an 
Interface Builder object When you pelea,se the drag over the collect 
buiion, you’ll be presented with a pop-up menu dial shows all of 
die OLideis from out App Delegate class. Click on ’collect’ to make 
tile connection, as shown in Figure 16. 
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Figure 16 - Connecting App Delegate's collect outlet 
to the Collect button object. 
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Now, the collect variable in code points to die button 
object we connected it to. Let’s make the remainder of the 
connections. Connect the following fmm the App Delegate 
object to the object in Interface Builder: 
status_label to the single line label, 
spinner to the circular progress indicator. 

We also get an action for free: quitting the application. We 
can quit in the same manner as the quit menu item. Control- 
drag/ram the Quit button to the Application object. This is an 
object that we haven’t looked at yet. Instead of a blue cube 
icon, it has a generic application’ icon (a pencil, paintbrush and 
ruler that form the letter *A’). This pop-up menu will offer many 
more received actions. Connect die Quit button object to the 
terminate’ action. 

That's it! Run the application by clicking on the Run button 
in the tooRiar. 

First Run 

You shouki now see die application running with the full 
user interface that we defined in Interface Builder. Further, it 
works! Well, it works in as much as we defined. The Quit button 
shouki work. The Collect button doesn't collect any logs, but it 
does do what we defined in the method it's pointing to: 

def collectLogs(sender) 

puts '‘Running the eallectLogs method*" 
end 


All this method does currently is to write a message to the 
console that says, "Running the collectLogs metlicxl,” You 
should see this message each lime you press the Collect button. 
Where? In the console! You can see that by enabling the “Debug 
area.” You can do this on a case-by-case basis by clicking on 
the 'Enable debug area' icon in the view menu of the toolbar 
(the middle of the three buttons). There’s a way that I like more: 
enabling it on run and hiding it after a run completes. You can 
set this by opening Xcode's preferences and selecting 
“Behaviors." Figure 17 shows the setting to enable the debug 
area on run. 



Figure 17 - Showing the debug area on run. 
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You can automatically hide debug area by choosing the 
same option under the ‘‘Run completes” action, expect you'll set 
the pop-up menu to “Hide” instead of ""Show.” 

Collecting Logs? 

That's a lot to cover in one month, Tm going to hold ilie 
discussion of the full source code until next month. If you Ye 
feeling adventurous, add some code to the collectLogs method 
and see what happens. In the meantime, Tm going to put the 
working application and source code up on the MacTech ftp 
site at ftp://ftp,mQctechxom. 

Conclusion 

We covered a lot of ground this month. You may have 
installed and run Xcode for the first time. You likely installed 
the latest version of MacRuby, as it's not only evolving fast, but 
needed an update to work with Xcode 4, Finally, you got 
familiar with Interface Builder and how it interacts with the 
code you write by hand. As 1 mentioned, the full, working 
source will be available right now on ftp://ftp.madech.com. Look 
at it and poke around. The walkthrough will go through what, 
how and why of what we put in there. 

Media of the month: Ponal 2, by Valve Software (available 
on Steam). If you haven’t played either Ponal, do yourself the 
favor and get Portal and block out about 8-10 hours for some 
relaxation time. If you haven’t played Portal 2, it’s worth your 
time. 

If you haven’t seen, registration for MacTech Conference— 
taking place in Los Angeles on November 2-4 2011^—is now 
underw^ay. If youYe a technology professional, you owe yourself 
a little professional development time and interaction with your 
peers. 

Find out more at 

h ttp: //www, m actec h. com /co n f e ren ce/o bout. 

Until next month, relax, soak in/up all of the WWDC news, 
gel some more Ruby practice in on your own and don’t be 
afraid to experiment! 
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Consultant Cowboy 


by Ryan Wilcox 


Pricing (Part 2) 

More thoughts on pricing 


Introduction 

A small business thrives on cash. Cash is needed to pay the 
biWs, and often it’s a balancing act Ix^tween die cash coming in 
and how much one needs to work to obtain this cash. 

In MacTedfs Feb 2011 Ccjwboy Consultant article, I mostly 
focused on the expenses you have as a full time cowboy 
consultant, and how to take tliai number and arrive at an hourly 
rate (given billings of 2(V30 hours a week). Factor in in.surances, 
retirement, travel, some equipment, and shrinkage and you have 
a (naive) hcjurly number. 

This article holds additional considerations for your hourly 
rale number. For example, w^hal can the local marker hare? But 
then again, don’t price yourself too high. Or too low! Account 
for slack in your business: there will be times when you’re not 
billing 40 hours a week (or even 30). 

Also, w^hen you figure out your hourly (or project) rates 
you also need to think about your goals in the fuaire: goals for 
your personal success financially, In addition to your successes 
as a person. 

Other Thoughts that may affect price 

Brief review from last article 

To rehash a little bit from Fart 1 of the pi icing article: your 
hourly rate depends primarily on hem much, per month, it costs 
you to live in the area you're living in and how^ Jiiuch work you 
can schedule in a given month. For example, if you have a 
Jt 1,200/month mortgage, you have to make sure yoifre bringing 
tn at least that much (actually, much more, wiien you iactor in 
fcxxl and utilities), if you’re a hill time consultant cowlx^y. 

Another thing that could affect price, especially if you’re 
coming from a traditional employee job, is the number of things 
your employer used ro pick up. You, yourself, are now 100% 
paying for your health insurance, liability insurance, and travel. 
Likewise, you1l ako spending money just to keep your 
business afloat: the occasional lawyer fee, advertising, and 
maybe web design if that's not your strong suite, 


Your current debt, budget, and time for 
projects 

Your level of debt would also affect your price also. Tlie 
average credit card debt Ibr a family is $14,000+, and the 
average student loan debt is $23,000+. The payments on diese 
loans, of course, need to factor into your monthly budget This 
means you1l have to bring in more money a month than 
someone witliout those loans. 

If you haven’t (or haven’t!) sat down and made out a 
household budget, that's probably tlie first place to start. Then 
divide by 4 to get how much money you need in a week, and 
divide by 5 for money per workday. 

Likewise, you need to pay for your business development 
time too: time dicing bids for projects that don’t pan out, time 
doing marketing and research. 

Likewise, vacations, and any other kind of day off, are 
always unpaid. This i.s certainly .something lo think about w'hen 
you’re planning out your budget and monetary requirements for 
the year. 

Of course, all this needs to balanced with the client 
project work on your desk currently. Sometimes even this is a 
balancing act: too much client work and imfx)irtant business 
development (which means project %vork in the future) goes 
unattended. Ibo much business development, and rent doesn't 
get paid. (More on this topic latter in this article) 

Minimum Viable Income 

“flow many dients do you need lo sen^ to make even a 
emppy livtngr - 7he Intelligent Entrepmneur by BiU Murphy Jr. 

Wliile, 7he Inielligent Entrepreneur Ibcuses mainly on 
startups that got l^ig, that bit of advice applies to freelancers 
also. How many clients (or projects, or billable hours) do 
need to make a crappy living? 

In an Agile software devedopment project, often tlie 
question comes up: 'What is die minimum viable product that 
we can ship and get out to people?” As a cowlx)y consultant a 
similar number should lie in your lirain: the smallest amount of 
money you really need to survive. Then strive to make that, and 
strive to make twice that, and so on. 

What will the local market bear? 

I've previously lalked about tlie advantage of living in an 
area w itli a k)W cost of living. The advantage is die little amount 
of money it takes to live. The disadvantage? Local businesses 
can’t charge as much for tlieir products, and dius might not be 
able to afford to buy your services at a high hourly rate. 

Then again, you also have to make enough money to live. 
In a big city area you have another problem: dealing with 
competition, Your clients may be expecting to pay within cenain 
price range, w^hich may (if you’re lucky) be set by your 
competition. "1 paid $300 for this service at Brand X Consulting 
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We're Easier. 

In fact, Real Studio is the easiest, fastest way to create software for Mac OS X, Windows, 
Linux and the web. 
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applications. With over 40 native user interface controls including buttons, lists, fields 
and tab panels, extended database support, native reporting and internet and networking 
features, Real Studio is cross-platform that really works. 

Now, Real Studio Web Edition allows you to use this powerful development environment 
to easily build web applications — no need to know HTML, JavaScript, CSS, AJAX and 
PHR And, unlike those usual web technologies, Real Studio compiles your web 
applications to binary, so they are safe and easy to sell. 

Real Studio. Cross-platform development for humans. 


For a limited time, getting Real Studio is easier too. 
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Use coupon code WWDC2011. 
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last time I did it, so that's about what T11 pay this time” might be 
what your client thinks. 

The articles on marketing will talk about differentiating 
yourself from the competition, but there’s also a range: price too 
high and potential clients cun t afford you. 

Your 3-4 month stash 

Ideally your prices will also let you build up a stash of 
mcmey you can use wlien you are between projects, and 
replenish this stash over time. I like a 3 month stash: this gives 
enough time for 1 month of project hunting, 1 month of 
working, tlien another month of waiting to get paid (assuming 
NET-30 terms on the invoice). 

In my experience even the simplest projects take one 
calendar montli to finish, and another calendar month to get the 
money. The first month, from initial contact to completion of 
project, usually goes like this for me: 

• Week 1: Initial contact, I draw up a quote, they consider 
it and say yes 

• Week 2: Initial Implementation 

• Week 3: Client QA, and making fixes on said project 

• Week 4: Deployment and final tweaks. 

While my experiences lately have been witli these as small 
side projects, some of this time delay is unavoidable. You might 
be laughing at me now^ but let’s assume 1 montli to l.^e on the 
safe side. 

The kicker here is often NET-30 style terms on the invcjice 
Cl give you 30 days to pay tliis before I get annoyed”). With tills 
calculation it’s 2 months from die initial concept to when you gel 


paid: one or two months rent. What money do you use to pay 
those bills while you're waiting for that money to come in? 

This is the gwd scenario too: when the project concludes 
successfully and both parties go their separate ways, happily 

However, note that I’ve had to pay rent twice since we said, 
“yes” to the contract? This delay could mean some tight financial 
times as you wait for that check to come in, as bills pile up. This 
is where the stash comes in, to give you a little boost through 
those lean times. Your houdy price should be liigh enough so 
you can pay back that stash occasionally. 

Don't price yourself too high 

As a computer programmer 1 realize that programmer time 
is expensive: it’s a highly skilled profession, and l^ig complex 
applications take time to build, thus expensive. 1 do what i can 
to keep my services affordable to potential clients. 

Lower cost means more people can afford my services, and 
1 can build more long-term clients... or so my tlieory goes. I’ll 
grant you that tliis may or may not be correct, f^ui iliat’s my 
theojy^ 1 also, personally, want to make sure small businesses get 
the technology solutions they need, 'lliat’s a market I’m 
interested in (I’m a small business, J feel I should help other 
small businesses), so it’s important to me to be priced 
appro [^rialely. 

Don't price yourself too low 

To countercjoini evetyihing said about pricing too higli, you 
also don’t want to price yourself too kw. There are two reasons 
for this: budgetary, and appearance. 




LassoSoft. 

security, speed, simplicity 


Proof that all programming languages are not created equal. 

Quick to learn, fast to deploy, Lasso is a powerful, 'batteries included’ development 
platform specifically geared to the web that has 95% of the libraries you'll need to do 
the job, and db connectors, email support, curl support, SOAP, PDF, and endless 
scalability from C and Java API's - all included right out of the box. 

Free full product download for learning and dev builds. Full license from $49/month 
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The FADI protective carrying case, also known the Audioglove, is designed in such a way that 
the user can open the case and redirect the sound toward him/herself. This audio enhancing func¬ 
tionality is not offered on any other protective carrying case. The Audio Glove enhances and ampli¬ 
fies the volume and quality of sound emitted by the iPhone. 

It’s simple design corrects a fundamental flaw in the iPhone that 
suppresses good quality sound and tone production. The retract¬ 
able audio drawer on the FADI Audioglove eliminates the need to 
attach externa! speakers. Now you can amplify the phone without 
restricting its mobility and ease of use. 

As an added bonus, the Audioglove makes the speaker-phone sound warm and full for people 
on both ends of the call — now your iPhone can operate as a hands free device without a Blue¬ 
tooth accessory! 

Constructed from polycarbonate - The same material used for bullet proof dividers at banks. 














Budgetary concerns are tlie kicker, As a consultant you 
should not assume you're going to bill 40 hours a week. There^s 
a balance here: you have certain expenses ever>^ month 
(rent/mortgage, taxes, utilities, food, savings) and only certain 
number of hours in a week to get this all done. 

The next concern is cost vs, quality and perceptions. A low 
hourly rate might actually drive away potential clients! Potential 
clients migiit scoff at your rate and think, "1 need a professional 
to do this work, but at this price Pm obviously getting a kid right 
out of school, who wouldn't be able to handle this kind of task” 
A low rate might actually come at the cost of your own 
quality. For example, a low rate might mean you have to bill 50 
hours a week to make rent, leaving no time for personal 
development and enhancing your skillset. In teclinoiogy this is 
important: going to conferences or reading, or open source, 
volunteer, or writing work. 

So, while your rate might seem extraordinarily high to you, 
if you can fill those hours tlien it's just about right. 

Other, less obvious signSj might point to your rate being too 

low: 

• You live modestly, hut tliere never seems to Ix" enough 
money to make ends meet. If this happens several months in a 
row, time to reevaluate something, Maybe youYe in die doubly- 
taxing position of having too much work, but struggling to pay 
rent (or taxes), I’ve been there myself - it’s really no tun. Time 
to step back, evaluate what's gt^ing on. 


* You feel like you need to work more than 60 hours a 
week, most of the weeks of the year, to pay the bills. While you 
probably won’t get rich as a Cowboy Consultant, it also 
shouldn't land you in the poorhouse. 

• You seem never to have quite enough to pay your taxes, 
or you have to set aside an entire month’s worth of income, at 
once, to cover your quaneriy taxes. 

Hours you can find to bill in a week 

I talked about this in the “Price for =< 20 - 32 hours a 
week’’ section of the first article. Each of us has responsibilities 
outside of billable work. For example, business development is 
an important part of running your business: you need to spend 
time to bring more clients in. This takes time. 

Likewise, you might have other commitments outside 
billable client work, I assume that HI lose one day a week to 
errands, writing, and my own projects, so I adjust my rates 
accordingly. Taking one day off a week gives me time to do 
otlier, unbillable things. I'll use Wednesdays to do estimates, run 
errands, work on some of my side projects, work on biisineas 
development or personal development. It also helps me, 
personally, keep my sanity. 

The Wealthy freelancer (by Slaunw^iiie, Savage, and 
Gandia) talks aboui time management like a puzzle: you can 
swap out a piece here and there and replace it with another 
piece, if you need to. For example, occtisionally I’ll take 
Wednesdays and spend half die day on client work, to finish up 
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a big project. That means sometliing (business development, for 
example) loses out. Or mayte cutting back on something \v<:>rk 
related to be able to pick your kids up from school. 

Some weeks you’ll just get less work done than normal. 
Thafs where the 34 month stash is also useful to cover some of 
this slack, 'fhat's also the tricky thing about billing based on 
hourly rates: sometimes you don't get in as many hours as your 
l^udgei requires. (Tlie next Cowboy Consultant aiticie will talk 
about different billing metliods, which may have le.ss of an 
impact on your budget!) 

For example, I spent a fair hit of time crver the past to 
w'ceks billijig only about 20 hours a week, because I was 
wx)rking on business development. The business development 
needed to get done: I’ve been ignoring some of those things for 
6 months or more, and I’m glad 1 have a little bit of a stash to 
cawer for the hours 1 didn't bWl 

Note: your income is limited by a scaling 
problem 

Eventually you’ll hit the issue where you realize there’s only 
one of you, and that you can only serve a couple of ongoing 
projecLs at a time. If youVe already imxed out on workload, you 
can't take on another client: diere's a limit on your time. 

This limit on your time means so you can’t lowball 2 clients 
then thinlc '111 just take on a third project to pay my rent — that 
will make up the difference!” 

Lowballing the price on something then hoping to make it 
up on volume doesn't work with real world gocxls, and really 
can’t work for consultant cow-boys. Yr}Li can tiire more people, 
but that has problems all its owm. 

From 37 Signal's Reufork “maybe the right size for your 
company is five people, Maybe it's forty. Maybe it’s two 
liundred. Maybe it's just you and a laptop. Don't make 
assumptions about how big ahead of Lime. Go slow^ and see 
w'hat feels right: premature hiring is the death of many small 
businesses.” 

Sometimes you will have to turn dowm that big job, because 
you don’t have the 5 people it would take to deliver it. Maybe 
you want to take the contract, hut it's a 3-mcmth fulbtime 
contfaci, and you don't have the hours available for that. There 
are ways around that (teaming up with another freelance 
company to split up and finish the work, for example), but 
sometimes you have to turn dawn work because you’re already 
booked. 

Slack 

There’s also intentional and unintentional slack in 
businesses. For example, if you pack your calendar tight with 
projects, one being scheduled right after the other is done, w'hat 
happens when one project slips a due date? 

Better to create some intentional slack: end a project on 
Friday, and set your scliedule so that you start a new one 3 or 
4 days later. How much slack depends, but you do have to make 
sure your hourly rate is high enough so you can, in fact 
schedule slack. 
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Unintentional slack can also happen. This might he the 
time it takes you to find the next client or project. 

But, during both of these limes you aren’t working! 

Your unbillable percentage 

You might find yourself putting in more unbillable hours 
then you’d like. Or maybe you’ve gone a few weeks and not 
able to get the billable hours in that you’d like. 

Maybe now is time to take a step back, and track 
^everything* in your day. How long you spend on email when 
you get up, how long you work on client work, how long you 
work on other stuff at night. How long you do marketing or 
machine maintenance, or other business Spring-cleaning that 
you might have to do? Do this kind of tracking for 2 weeks, 
and examine your habits. Maybe you spend two hours 
reading news every day, or too much time improving your 
own website, A little bit of tracking, and a little bit of analysis, 
can bring your time sinks to light. 

If you don’t like manually entering everything into your 
time tracking tool, try an app that does it for you! Apps that 
come to mind like this are: TrackTime, and SLife, but there 
are at least a half-do^en other apps for this on the Mac App 
Store. These will, at the very least, report that you were in 
NetNewsWire for 4 hours yesterday, instead of being inside 
your text editor, Xcode or w^hatever {)ther app you make 
money from being in all day. 


Dreams: Where you want to be 

Beyond the basics of retirement, do you have other 
goals for yourself or the business? For example, going back 
to college, paying off student loans, taking on employees? 
This should also go into your budget. 

Likewise, I poured my own money into my business 
initially, and feel the need to pay that back. 

Depending {>n how close you are to retirement age, and 
what your goals are during that time, you might have to 
consider this in your rates also. 

However, the awesome thing abcjut freelancing is that 
you can set your own hours. If you want to “retire'’ and bill 
10 hours a week to bring in some ‘‘pocket money” (which, at 
good rates, might actually be considerably more than simply 
pocket money, 

Lifestyle design / Criteria for success 

An alternative is to consider what you want your lifestyle 
look like. Instead of looking at your income and deciding 
what you can do with the money you have created, look at 
what you want to do and figure out how to get there. 

Some of these thoughts will affect your prices. If you 
know^ you have only 11 months out of the year to make 
money in, because you want to take one month off every 
year, tliat’s a factor in what you have to charge your 
customers. 

The Wealthy Freelancer has a worksheet that 
encourages you to envision your ideal day, your perfect 
workday. Perhaps your wc^rkday includes 'A one-hour lunch 
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break allowing you to go lo the gym everyday. Perhaps you 
need to stop work at 4 PM when your children get home 
from school. 

Now think: does your lifestyle design change your 
availability, and given my income requirements how much 
do r have to charge my customers per hour? 

For example if your lifestyle design includes scaling 
dowm your work during the summer to relax with your 
family, one way you can achieve that goal would be to set 
aside the mornings for work and then enjoy yourself in the 
afternoons. However, because your availability has 
decreased, the amount you charge per hour needs to be 
higher than if you were planning on 35 hours per week 52 
weeks a year. 

The Four Hour Work Week, by Tim Ferriss can help you 
here. It has excellent resources for lifestyle design and offers 
a "dreamline” worksheet, which gives you numl^er crunching 
power for your ideas. 

Now, don't expect to have all your goals, or achieve 
your ideal lifestyle, al! in the first year, or two...or five. 
Setting goals now does give you some idea what y{)ur prices 
should be, and may let you understand yourself so you can 
pick the correct projects for you. 

in the first article in this series, 1 talked about making a 
Criteria For Success list. Does any item on that list affect 
either the lifestyle you w'ant, or the availability you have? 
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If you don't have a Criteria For Success list, now is a 
good time to make one. Ask yourself: “What do I define as a 
success?” This both helps you to define success, and gives 
you goals to shoot for. It's rather silly to have a goal, "1 want 
to spend 3 w^eeks backpacking every year”, but have your 
pricing or availability exclude the chance of that happening] 

Maybe you don't have any particular goals. There's an 
interesting blog entry from the Dumb Little Man blog: 
(hHp://www.dumbliHleman.corTr/2009/09/how-lo-5et-gools- 
when-you-hove-no-idea.hlml) on this very topic! 

Don’t be Daddy-Who-Is-Boring 

A Business Insider post caught my eye the other day: 
{hhp://www.buslnessinsider.eom/the-woke-up-cal[-201 0-1 2), 
This post talks of a man who started his business to be able 
to see his family more, who now' his daughter calls “Daddy- 
who-is-boring”. 

The Work/Honie dividing line pretty much disappears 
when you are working from home, out of a spare bedroom. 
liecau.se you’ll snatch up the laptfip and do work while your 
kids are playing, or watching a movie, or hanging out - and 
there are you missing the action because a PRIORITY ONE 
email message came in. 

Maybe you want clients that don't have 9 PM meetings 
Sunday nights (true story). Or have the ability to go to the 
park some days, instead of working. 

This might involve saying no to a lew' projects (super 
late projects where everyone’s going 80 hours/week, 
anyone?), or making sure to balance your time well... or 
maybe just leaving the laptop in the office sometimes. 

Conclusion 

You could see figuring out your hemriy rate as way to 
value w'ith both parties in the equation: value your client (by 
making .sure they get you at your best), and valuing yourself 
(making sure you live a comfortalde life - maybe not luxury, 
but ideally comfortable,..maybe not at first, but eveniually. 

There is a careful balancing act here, one that needs to 
be reevaluated every so often (once a year, as part of your 
business retro.spective, for example). 

Next article will cover some other traditional and non- 
traditional methods of billing and payment, potentially 
changing .some of your current client payment options, 
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Developing Enterprise-Friendly 
Software for Fun and Profit 


by Greg Neagle, MacEnferprise.org 


<>. 



1 MacEnterprise.org 

Mac OS X enterprise deployment project 


Introduction 

Intere.st in Mac development seems to be at an all-time high- 
Sales of Mac hardware are growing at a rate faster than the 
industry as a whole, and many developers are hoping to build 
on their experience and success on the iOS platform by also 
developing for the Mac plarfonn, 

Tlie advent of the Mac App Store has also brought new 
developers to the Mac. Tiie Mac App Store solves a lot of 
problems for small developers, allowing tliem to sell theti* 
software to Mac users without having to develop and maintain a 
web storefront on their own. 

Small developers new to the Miic may think of the Mac as 
in use only by individual users or possilily very small l:tusinesses, 
and might not give much tlioughi to die issues around 
purchasing and deploying their software in large organizations. 
Even large, esudiMshed software developers have been known to 
ignore these issues, and have shipped software that was not 
‘‘enterprisedTiendly.'* 

Let's define that phrase. St}ft\^^are can be considered 
enterpiTse-friendly when it can lie easily purchased for laige 
numbers of users, installed with automated tools, and when 
installed, it works as expected for all users of a given machine 
with no additional post-install aaifigumtion that cannot be done 
as a non-privileged user (i.e., a user without administrator rights). 
In this context, “enterprise'' really refers to scale. Any 
organization with a large number of computers can be 
considered an “enterprise" environment. Schools and universities 
flee many of the same issues as private enterprises when it 
comes to purchasing, deploying and supporting Mac software. 

In this column, well Icxik at some of the common issues 
that make software purchase and deployment difficult in 
enterprise environments and wliat software developers can do to 
make their software more enterprise friendly. 

why bother? 

If you are a software developer, why should you bother 
making the purchase and deployment of your software 
friendly to enterprise enviioriments? 


The number one reason is that if you do, you’ll sell more 
of your products! If you make it too hard to purchase and 
deploy your soft^^are in an enterprise, systems administrators 
will look elsew^here and recommend other software tliat they 
can deploy in their organization. 

Another reason; if your installer is not enterprise- 
friendly, and if their organizations insist on using the software 
anyway, systems administrators will almost certainly have to 
repackage your software in order to deploy it to their 
organizations. This introduces opportunities for errors to 
creep into the install process, as a repackaged installation 
may not install everything as intended, or may install things 
in a way that introduces problems. As an example, 
repackaging Adobe CS2/CS3/CS4 products often resulted in 
installation packages that stomped on or overwrote activation 
and licensing for other Adobe products. It’s much easier to 
support your own software when you know it was installed 
with your own installer, and not via some hacked-together 
method developed by an oveiworked system administrator 
who is noi as familiar with your software as you are. 
Repackaging software for installation introduces new 
variables to support. Worse, each organization that 
repackages your software may do it slightly differently ~ your 
support burden potentially increases each time a new 
organization purcliases your .software. 

Making software truly enterprise-friendly should not be 
something left for the end of development when you are 
building the installer. Design decisions made early on can 
affect how easy it is to install, configure and use your 
software in a large organization. Being aware of the issues 
should help you make better design decisions. 

Purchasing 

The road to enterprise-friendly software starts with 
purchasing. Make sure large organizations can buy licenses 
for multiple installs/users of your software. Enterprise 
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administrators don’t want to have to purchase 100 boxes of 
your software to install 100 copies, and they don’t want to 
have to enter 100 registration/license codes and keep track of 
which machines have which license codes. Plan for some sort 
of multi-user licensing if you want to sell your software to 
large organixations. 

Mac App Store 

With the release of Mac OS X ] 0.6.6 in Januaiy^ 2011, 
Apple opened the doors to the Mac App Store^ an attempt to 
bring the popular success of the App Store for iOS devices to 
the Mac. 

The appeal and ease-of-use of the Mac App Store has 
enticed some developers to make their software available 
solely through this channel. The Mac App Store is a fantastic 
tool for individual users to discover and purchase software. 
But it is not very useful when it comes to purchasing software 
for enterprise use, as the terms of use for software purchased 
through the Mac App Store would prohibit the installation of 
a single purchased copy on hundreds or thousands of an 
organization's Macs. Add to this the fact that applications 
purchased through the Mac App Store are linked to a specific 
Apple ID - again, not an ideal situation for large-scale 
deployment, if you wish to sell your software to large 
organizations, you must provide a purchasing and acquisition 
method that does not rely on the Mac App Store. 


Installation 

Once an organization has purchased your application 
and enough user licenses, they will want to install it on 
(possibly) a large number of machines. Large organizations 
will generally not have armies walking around and manually 
running your installer by double-clicking it. Instead^ they will 
be using a software deployment mechanism that 
automatically installs software on large numbers of machines. 
Your software's installation method must work with enterprise 
software deployment systems. 

Some automated software deployment tools for Mac OS 
X commonly in use include; Apple Remote Desktop, JAMF 
Casper, Absolute Manage, Puppet and Munki. 

This list of deployment tools may have you wondering; 
“How can 1 make sure my software can be installed by all 
these tools? That sounds like it will be difficult and time- 
consuming to test!" But in truth, it’s not that hard as long as 
you adhere to some basic principals, since most automated 
software deployment tools use similar mechanisms for the 
actual installation. 

First: use the Apple package fomiai. It’s not perfect, but 
every major softv^'are deployment mechanism works with 
Apple’s packages. Apple itself leverages the Apple package 
format to install software suites like iLife and Final Cut Studio, 
and even to install Mac OS X itself So it seems reasonable 
that it is possible to install your soft^'are using Apple’s 
package format. If, in^stead, you create your own installer 







application or use a third-party installer technology like 
InstallEase or InstallAnywhere, it's likely your installer will 
not work in an enterprise environment. 

Second: avoid pre- and post-install scripts if at all 
p(3ssibie. If you must utilize scripts in your package, test diem 
in scenarios found in enterprise deployments. We'll go into 
more detail about that in a hit. 

Third: your package should install everything needed to 
run your software. It should not leave additional installation 
tasks for the first launch of your software. Remeniber that in 
an enterprise environment, the person who first launches 
your softw^are after install may not have administrative 
privileges. They will be annoyed when your sofmare asks for 
administrative credentials the first time they try to use it, Your 
software's installer has administrative privileges - it should do 
things that require admin rights at that time. 

The 'Tancier” your installer, the greater the chance it wriil 
do something that makes it incompatible with an enterprise 
install. So keep your packages simple and test them for 
unattended installation. 

Testing your Package 

The simplest and most important thing you can do as a 
software developer to ensure your software's installer 
package is enterprise-friendly is to use an ssh session and 
the command-line installer tool (/usr/sbin/installer) 
to install your software on a machine. Test the install both 
with no one logged in as a GUI user and also with a GUI user 
logged in. Here's an example: 

% ssh gneagle^aquaman 

Last login: Tue Mar 10:56:17 2011 

gneagle% sudo instailet: -pkg 7ttnp/fooxpkg -target / 

installer: Package name is Foo 

installer: Installing at base path / 

installer: The installation was successful. 

Here we install Foo-pkg using the commanddine 
installer on the machine *‘aquaman'\ Even though the 
installation completed successfully, we must manually test the 
software to be sure it functions as expected. You should 
perform the command-line installation test with no user 
logged into the machine (with the login window displayed), 
as well as with a user logged in to make sure the installation 
completes correctly in both scenarios. When software is 
deployed in an enterprise, any given machine may or may 
not have an active user logged in, so you must test with no 
logged-in user. Be sure to test under Tiger, Leopard and 
Snow Leopard if your application runs under all of those 
versions of Mac OS X 

U your software can be installed successfully with this 
method and your software functions as expected when 
installed this way: congratiilationsf There’s a very good 
chance your installer package is enterprise-friendly, and will 
work with all the major software deployment systems. 
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Pre- and Post-install Scripts 

The most common thing that causes a package to fail to 
be enterprise-friendly is poorly written pre- or post¬ 
installation scripts included as part of the package. 

If your installer makes use of pre- and/or post-install 
scripts, test them during your remote install tests to make sure 
they don’t do anything visible. They should not open Finder 
windows or launch your application or quit other 
applications or modify the current user's Dock. Even if you 
think actions like these are desirable when your package is 
installed interactively, they are definitely undesirable when a 
system administrator is trying to install your software to 
hundreds or thousands of Macs, 

If you really must have your installation interact with the 
user when doing a manual install, you can still WTite your 
scripts to do die right thing during an unattended install. A 
pre- or post- script can tell if it's being mn in the context of 
a non-GUI install: the installer command sets the 
COMMAND__LlNE_INSTAlL environment variable, just test 
for it and skip over a task dials inappropriate when installing 
at the command line. Here’s a Perl example from a postflight 
script in the iTunes install package that updates the Dock; 

# exit if comiDand - line install 

exit(O) if ($ENV| ‘COMMND_LIHE_l^^SmLM ) : 

I update user's Dock 


If the package is installed interactively, the Dock is 
updated for the current user But if it's installed via the 
command line, the script exits, leaving the Dock untouched. 

Another common mistake in pre- and post-install scripts 
is the use of the SUSER variable to attempt to get some 
information about the currently logged in user, or to access 
the user’s home director>^ When the installer is run at the 
loginwdndow by the root user, “JUSER” is undefined and 
scripts that use that variable may not perform as expected. 

Installer packaging extra credit 

There’s an additional scenario your installer package 
might encounter in an enterprise deployment. A common 
practice in large organizations is to configure new machines 
using an "image'*. Installation images capture the entire state 
of a startup disk: the OS, installed software, and the 
configuration of each. There are a couple of methods of 
building installation images that use Apple packages to install 
the OS and all extra sotWare and configuration files. The 
unusual bit is that when these images are built, the installer 
packages are u.sed to install software on a disk that is not the 
.startup disk. Some installer packages make assumptions in 
pre- and post-install scripts that they are installing only to the 
startup disk and fail to run correctly when the installer 
applies the package to a disk other than the startup disk, For 
extra credit and better compatibility with this workflow, test 
the installation of your softw^are on a disk other than the 
startup volume. 
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Post Installation 

YouVe made it easy for an enterprise to purchase and 
install your software. That’s a good start. But there are post¬ 
installation issues that can make your software easy or hard 
to deal with in an enterprise environment. 

Activation^ Registration and Licensing 

Much commercial software requires some sort of 
activation, licensing, and/or registration before it can be used. 
If activating or licensing your software requires manually 
typing in a long code on first launch, it’s not enterprise- 
friendly Consider providing a method for enterprise licensing 
and activation: perhaps a licensing package that can be 
installed, or at the bare minimum a command-line tool that 
can be run. Scmie organizations have implemented network 
licensing servers or software asset managemeiii systems; 
consider supporting these. 

User registration, in which you caplure some contact 
information about the user of your software, may make a lot 
of sense for individual purchases. But in an enterprise 
deployment, is it really valuable to get incomplete and 
inaccurate info from hundreds of employees of the same 
company? Presumably you already captured the important 
information when you sold the multi-user licenses for your 
product to that company. Consider providing a way for a 
systems administrator to pre-register software before 
deployment and/or turn off any user registration prompts. 
This mechanism should take effect for all users on a machine; 
it’s not helpful if it requires modifying something for each 
user. 

Remember also that the person using a machine day-to- 
day may not be the person who installed or activated the 
software. A technician who must manually install or activate 
yt>ur software may do so w'hile logged in via his or her 
account, or while kjgged in via a local administrative account. 
If that aclivation is stored somewhere in the home directory 
of the user who did the activation, it won t he available to the 
’heal” user of that machine when he or she logs in next. This 
problem is even worse in tlie education arena, where there 
may be many users sharing a group of machines. Installation 
and activation of your software should make the soltware 
available and usable by all users of a given machine. This 
means storing the activati{>n/iicensing info somewhere 
readable by all users. /Library/Preferences or 
/Library/Application Support are good candidate 
locations for licensing/registration information. 

Additional First-Run Installs 

Several commercial software packages offer to install 
additional components on the first launch after installation, 
prompting for administrative credentials. This is problematic 
in an enterprise environment, as the user running the 
software for the first time may not have admin rights. You can 
avoid this issue by making the additional components part of 
the original installation package, possibly as optional installs. 


If this isn’t possible, provide a manageable preference to turn 
off the installation of optional components. See the 
di.scussion on managed preferences later in this column. 

Even if your software offers to install items in the user’s 
home directory (and therefore doesn’t need administrative 
credentials), consider the scenario where there are multiple 
users on a single machine - does your software really need 
to copy the same files to every user account? If these files are 
templates, examples, or stationery, consider making them 
available to all users from a shared location, and install them 
there as part of the installer package. 

Updates 

Many vendors have their applications check for their own 
updates. Some use the popular Sparkle framework for this 
functionality^; others roll their own solution. This is a great 
strategy for individual purchasers like home users, where the 
purchaser is the primary user and essentially the 
administrator for his or her own machine. But again, in an 
enterprise environment, applications that check for updates 
can be an annoyance. Bandwidth is wasted when one 
thousand copies of an application, all installed in a single 
company, each go out to the internet and retrieve one 
thousand copies of the update. Worse, once they’ve 
downloaded an update, they might alert the user of the 
softw^are and ask for administrative credentials that the user 
doesn’t have. 

For these reasons, it’s essential that you provide a w^ay for 
system administrators to turn off any auto-update mechanism 
for your software. You must also make updates available via 
an alternate mechanism that can be installed the same way 
the original softw^are was installed. That means updates that 
are distributed as standard Apple packages. The mechanism 
for disabling update checks should he gk^bal - that is, it must 
w^ork for all users of a given machine. That could take the 
form of support for Apple’s managed preferences framework, 
or just a preference file in a globally accessible location. Be 
sure to document this! 

Preference Management 

Since we mentioned Apple's managed preferences 
framew^ork, this is a good oppcjrtunity to talk about 
preference management. In large organizations, it is 
sometimes helpful for system admini.strators to be able to 
manage settings or preferences for a piece of software. 
Sometimes this takes the form of setting helpful initial 
defaults, or turning off inapplicable or unsupported 
functions. Other times thi.s might involve setting and 
enforcing an organizational policy. 

You can at the very least make your softw^are’s 
preferences manageable at the most basic level by storing 
your software’s preferences in Apple’s property list format in 
the standard locations (^'/Library/Preferences and/or 
/Library/Preferences). Preferences stored this way are 
manageable via Apple’s managed preferences frameworks. If 
you use CFPreferences from the CoreFoundation framework 
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or NSUserDefauits from the Foundation framework to handle 
your software’s preferences, you'll have even better 
compatibility with Apple's nmnaged preferences, 

Et cetera 

Here are a few other things that might differ between 
individual home/small business users and users in an 
enterprise environment: 

Enterprise users may have network home directories 
instead of home directories on the IcKal disk under /Users. 

Even without network home direciorieSj enterprise users 
are more likely than home or small business users to store 
data on file servers. 

Don't assume hie servers are AFP (Apple File Protocol) 
servers; in large organisations Windows (SMB/CIFS) file 
servers are the rule, and NFS file servers aren't unknown. 

Enterprise laptop users are more likely to be using 
File Vault to protect their data. 

If your software isn't tripped up by any of these, it’s more 
likely to play well in the enierpri.se. 

Conclusion 

Making your software enterprise-friendly need not be 
difficult. A little planning and consideration of enterprise 
issues will help you avoid common pitlalls. Package your 
software using the Apple package format and test command¬ 


line installations. Provide enterprise administrators with ways 
to license and/or activate your software via the command 
line, by installing a package containing licensing information, 
or by using a network license manager or asset manager. Give 
enterprise administrators the ability to suppress registration 
dialogs and auto-updates. Store your software's preferences 
and configuration in the standard Apple property list format, 
or even better, use Apple's preference frameworks. 
Remember that in a large organization, your software's users 
may not be administrators, and that an enterprise machine 
may have more than one user. Follow these guidelines and 
you'll have softu^are that's easy for enterprises to buy, Lnstall, 
configure and use. Who wouldn't want to sell a few hundred 
thousand extra copies of their software? 
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CORESEC: SECURtTY TOPIG FOR ADNUNISTRATORS AND PROGRAIMMERS 


Secure Shell (SSH)-A Hidden Gem, Part 2 


SSH is a powerful tool with many uses. 
Let’s explore this staple of OS X 

By Michele (Mike) Hjorleifsson 


Introduction 

La.st month we looked at the basic underpinnings of SSH; 
how to configure the clienr configuration files, server 
configunition files and create key based autlienticatiun. We also 
reviewed sctme of the built in utilities and appliaitions that amc 
witli OpenSSH. Tliis month we will dive a bit deeper, looking at 
SSH as a communication tool for otlier applications to use when 
a secure, simple connection needs to bn made frt^m one host to 
anotlier to accomplish a vtiriety of tasks. 

Command Line SSH Goodness 

Last month we leaked at sep as a method for performing a 
secure copy from or to a remote host, including the recursion 
option to mirror a diretlory From one host to or from the tither. 
While this is great ff>r a single opeialion, it doesn't lend itself to 
die backup and recovery^ operations that administrators perform 
all the time, Rsync, from the people that brfiught us SAMBA 
(windows SMB integration), allows you to do fast incremental 
transfersAiackups of data over SSH locally or acro.ss the globe. For 
example, using the command below, rsync would look at the 
/backup/Users directory on your kxral machine, compare it to the 
content of on the remote host and copy any files that 

needed copying from the remote host to the kx:al machine all 
over a nicely secured SSH session. The benefits to this versus sftp 
or .scp are tw^ofold; first, you aren’t making a full copy of files you 
already have on the local side, and second, ifs therefore much 
fasten 

rsync -avz -e ssh roof@remotehost.com:/Users/* /bockup/Users 

The cc^mmand line options -avz tell rsync that dus Ls an 
archive (a), to perform the operations in verlx)se mode t v) so we 
can see wliat is happening and to compress the data traffic C^). 
The -e option tells rsync to use SSH as its communication 
protocol instead of ifs own client/server protocol (which wotild 
require you to setup an rsync launch daemon on your server.) 

For tills to work in a script that runs unattended, you would 
need to create ssh keys and setup die authori 2 ed_keys file on the 


remote host (see last months article) and ensure that the user you 
are using to connect witli has permissions to read the files / 
directories in question. 

Mounting Remote Filesystems 

Anotlier wrinderful command line set of tajLs are die 
combinatitm of MacFuse and SSHFS from Gcx>gle, You can 
dow^nload MacFuse from 

htfp://ccde,gcMDgle.com/p/mocfuse/cJowntoods/lisf and install on the 
machine you would like to connect from. MacFuse provides the 
File System in User Space (FUSE) environment originally 
developed for Linux. The FUSE system allows users to load and 
unload file system drivers on the dy rather than embedding them 
in the kernel or a kext file. SSHFS on the other hand is a 
pluggable module for FUSE that allows you to mount a remote 
file system over SSH as if it w'ere loc'al. Installing SSHFS is a little 
bit more complex and is currently only wori^ing in 32-bit mode 
(vs. 64 bit), though it works well. To install SSHFS, you need to 
download the binaries from 

http://osxbook.com/download/sshfs/sshfs‘Static4eopard.gz or via svn 
svn CO http://maefuse,googlecode^com^svii/trunk/ 
filesystems/sshfs/binary sshfs-binaries 

Once downloaded you need to copy the sshfs-static-leopard to 

a loc’ation in your path, for instance: 

sudo cp ,/sshfs static-leopard /usr/abin/sshfs 

sudo chmod 755 /usr/sbin/sshfs 

Once in the path and executable you can connect to remote 

hosts using the a simple syntax: 
sshfs user@host:/path /mypath - 
oautQ_cache, reconnect ♦ volnaine^<vo Inane) 

You will need to ensure that /mypath is a valid direaory on the 
loc'al filesystem. If you have setup SSH key^, it will just 
connect. If not, you will be prompted for the password for tiie 
remote system. Once connected, the remote filesystem can be 
seen in Finder or a shell and treated like any other network 
share. 
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Protecting SSH 

One last command line gem is DeoyHosts, an open source 
pmject that tracks SSH logon attempts and stuffs potential hackers 
into your hosts.deny file automatically preventing them from 
trying to connect again. You can use this tool on Mac OS X or 
Linux and its freely available for download at 
http://sourceforge.net/prolects/ deny hosts/ 

Graphical Tools 

The graphic:al side of the SSH picture is even prettier tlian the 
command line tools^ and I don*t just mean the look and feel. 
Several developers have made some wonderful SSH tools that are 
either Freeware, Shareware or paid for software. File transfer 
software like Cyberduck, Transmit^ Filczilla, Interarchy and most 
FTP graphical applicatioas .support SFTP. Tliis provides die ability 
to securely move hies between your systems with a nice graphical 
interface. Super Flexible File Syncronizer From Super Flexible 
Software (http://www.superflexibiexom/featiires.htm) enables you to 
do graphical directory synchmnization over SSH and otlicr 
Internet protocols, 

YazSoft provides a utility called ShareTool 2, which allows 
you to see and connect to Bonjour advertised resources from 
anywhere in ilie world securely over SSH. For instance if you are 
in a hotel in Veg^is you can access your shared fl ones library back 
in New York and play some tunes or even watch a video (if the 
Irandwidih at die htitel can liandle it.) Additionally tliey have 
written hooks so the Bonjour advertised resources show up in 
their respective applications as if you were still local to those 
resources. 

Virtual Private Networks & Remote 
Screen Sharing 

Remote access to multiple resources like a l:>eing able to 
screen sliare with any machine on a remote network (versus just 
one that you redirect a firewall port to) or being able to access 
any resource on that network as if you were in llie office requires 
some t>'pe of seizure remote connectivity^ like tlie VPN provided 
by OS X. But using L21T is cumbersome, especially at the remote 
end. Oftentimes, the required ports aren't open and if you are at 
someone else's facility or a hotel, for in.stance, then you wonT 
have the ability to open those ports, enter SSH based tcxils as a 
solution. 

Simple tunneling can be achieved with graphical software like 
and SSH Tunnel Manager (Freeware available for download at 
http://projects.tynsoe.org/en/slm/). Another application called 
Meerkai (Sliareware) from Code Sorcery Workshop is one of my 
favorite SSI I utilities. Why? Well Meerkat helps you to create SSH 
tunnels to remote hosts that send traffic from your lf3cal machine to 
the lemote netwcjrk via SSH. Though you can do this from the 
command line, Meerkat allows you to semp connections, and even 
triggeis that siart die connecTions automatically when you launch an 
application. Oh, and it is totally saiptable, reconnects disconnected 
sessions and .supports SSH keys or keychain stored passwords. 
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Another freeware application called Secret Socks by an 
independent programmer (Joshua Chan) in Canada, allows you to 
setup a SOCKS proxy over SSH, providing remote connectivity to 
websites, ftp etc, from the proxy for any application that support 
SOCKS proxies (like Safari,) 

ChickenofrheVNC is a freeware utility that will allow you to 
gain access like Screen Sliaring does to a remote graphical 
console on any platfonn tliat supports VNC connections (OS X, 
Windows, Linux, Solaris etc.) and has tlie capability of tunneling 
VNC over SSH Ibr security and port simplicity (all traffic runs over 
SSH.) 

OpenVPN and TunnelBlick provide an server and client 
combination for establishing an SSH based VPN (virtual private 
network.) OpenVPN c^an be installed from MaePorts on your 
server, though it will require some configuration file typing to get 
going (here Is a decent how-to hftp://tinyapps.org/docs/openvpn/) 
but LS very flexible. Once up you can install Tunnelblick on your 
client machines, which will aeate the virtual adapter and provide 
a nice graphical setup to connect to your OpenVPN server. 

One question I get often when teaching Support or Server 
Essentials is how an admini.strator can provide support via Screen 
Sharing to a set of Apple computers on a remote network. There 
are two methods I see used often and one i tested and sraned 
telling my students and clients al30ut. You can use iChat and its 
associated screen sharing capabilities, or you can setup Apple 
RemtJte Desktop (ARD) on a machine inside the network and 
open the ARD fx>rt3 to that machine so you can remote in, then 
remote to machines on the network. T'hese are the two grapiiieal 
methods. You can also punch a bunch of holes in the lircwall and 
have each of the Macs answer Screen Sharing on a different port 
by changin their config files, or you can use an SSH tunnel to 
connect into the network then onto a host. None of tliese 
methods are optimal in corporate environments. iChai turns on 
the microphone and increases bandwidrii t^y sending audio, since 
you are typically already on the phone with the person requesting 
support this is silly. Additionally, there is no way to turn down the 
color depth from the graphical interface to reduce l>andwidth 
requirements, ARD via ARD is a challenge as you are screen 
sharing another screen sharing session. Tunneling is fine, but you 
need a tunnel entry for each hast on the remote network. So 1 did 
some research into a tool 1 liave used often in remote Linux 
support environments called NoMaciiine or NX. 

NoMachine is another neat open source set of tools that 
allow you to remotely screen share all the machines on your 
internal network through a single entry point to your network. 
Currently diere is no Mac OS X implementation of their server 
software though it Ls in development. Why let that .stop you? I 
installed NoMachine in a VMWare Fusion guest on the server and 
with a little configuration am able to use their OS X client software 
to connect to the NX server and through to all the machines in 
my office to provide fast remote screen sharing without having to 
do a ton of firewall tricks. You will need to setup a VNC 
password and enable the Screen Sharing and Remote Login on 
each machine you want to connect to, configure them as targets 
in NX imd voila, instant support to an entire network over SSH. 
Additionally you can conned to Windows machines and even 
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Linux machines using the same NX server and OS X client 
software. (Note: XI1 is required on the client machine you 
ccmnect from) 

Conclusion 

SSH has been amund since 1995 and is still one of the fastest 
and most secure fadlities for connecting to remote hosts and 
networks without a ton of eftbrt or sacrificing security. With 
developers utilizing the OpenSSH framework to add additional 
features or tunnel their applications traffic over SSH, SSH and the 
associated tools that use it will be around for a long time and as 
an administrator you should familiarize yourself with some of 
these wonderful little gems. r T ■ 
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Meet Cappucino 

Use your Cocoa skills to build 
stunning web applioations 


by Johannes Fahrenkrug 


Introduction 

Web development can be a challenge. Yon need to leam 
multiple languages and technologies, like HTML, CSS and 
JavaScript. To build truly impressive applications, you even 
have to dive pretty deep into these technokigies and master 
them. Wouldn't it l>e nice if you could use your long-time 
knowledge of Cocoa that you have gained and perfected over 
the years to build web applications? That's exactly what 
Cappuccino makes possible. 

What is Cappuccino? 

Cappuccino is a framework for developing desktop class 
web applications. It consists of 2 important parts: the language 
Objective-J - a re-implementation of Objective-C in JavaScript 
- and the Cappuccino libraries - a Cocoa-clone written in 
Objective-J (hence die dark, hot beverage iaspired name). I'his 
combination of language and libraries runs in modern 
browsers without any plug-ins and creates to necessary HTML, 
JavaScript and CSS to execute your application. Just like a 
desktop application, Cappuccino only covers die client side of 
your development: Since the application is running in the 
browser, in most cases you will still need to use something like 
Ruby on Rails, Django, or PHP to liuild a server comjxment 
that your Cappuccino application can communicate with to 
load and save data. 

All this might .still seem kind of abstract to you. To really 
understand what a powerful piece of technokjgy Cappuccino 
really is, the next paragraphs will show you how to install the 
tools and how to build your first Cappuccino app! 

Because Cappuccino is based on Qbjective-C, you should 
l>e familiar with Objective-C and the tools that surround il 
(Xcode, Interface Builder and so on). This article assumes that 
base knowledge. 

Installation 

To build the Cappuccino tools, you must have gcc 
installed. Since it is part of Xcode, you should already have il 
installed. Next, you need to check out the Cappuccino git 
repository or download it as a zip file from 


http://gilhub.com/280north/cappuccino/zipball/moster, Unpack 
the zip file, open Terminal. app, change into the Folder you 
just unpacked, and run the •/bootstrap,sh script (you 
might need to run it as sudo, depending on your system 
setup). This will download and install all the required tools. 
You can safely acc'ept all the default settings with yes or by 
pressing return. 

As a final step, you need to add the new l>inaries to your 
path. Do this by appending export 

PATH="/usr/local/narwhal/bin: $PATH" to either 
your “/ .profile (bash) or - zshrc (z.sh) file. To activate 
these new settings either open a new shell or run source 
“/.profile (or “/.zshrc). Now you’re all .set to build the 
actual Cappuccino libraries; back in Terminal.app, run 
jake sudo-install. Thai will take a little bit. 

Hello World 

A new Cappuccino application is created with the capp 
command-line tool which creates the ba.sic directory layout 
widi the necessary files and frameworks. The application we 
are going to build will l>e called image_search. Run this 
command to create it: 

capp gen —t mbApplication image search 

The —t NibApplication switch tells the capp tool 
that you want a use a template for an application that has a 
user interface which you can edit in Xcode. Cappuccino 
cannot directly read nib or xib files, i'hey first have to be 
converted into a cib file witli the nib2cib tool. To do that, 
change into the image_search directory and run nib2cib 
Re sources/MainMenu. xib. When you open index .html 
in the image search directory in Safari after that, you 
should be greeted with Figure L When you move the slider 
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b'Ack and forth the value in the text field should change: You’re 
first Cappuccino applic’ation works! 


capp_ Barch_clb 



NawAppUcatkir Ftte ^ idit Formal ^ vtaw» Window» Holp ^ 


^00 


Figure 1, Nib based, unedited Cappuccino application 


textFxeld outlet. Then Ctrl-drag From the button to the 
AppController object and connect it to the sayHi action. Save 
it. 

Autosizing 



Figure 2* Autosizing attributes for the button 


Making Changes with Xcode 

Maybe you*re nol quite convinced yet that the UI from 
MainMenu*xib is really being used. To erase those doubts, 
we will edit the UI in Xcode. Since Xcode 4 doesn't allow you 
to define custom outlets and actioas directly in Interface 
Builder anymore, the Cappuccino team has developed a tool 
called xcodecapp that sets up a dummy Xcode project for 
you to be able to easily edit your xib files. To use it, simply run 
xcodecapp iaside the image search directory without any 
arguments. You'll now change the application so that you can 
enter your name and be greeted when you click on a button. 
In Xcode (or a dilferent edJtor), open AppController,j 
and edit it so that it ends up looking like Listing 1. 

Listing X: AppControiterj 

Simp o rt <F Qiind at io n / C PObj ect, j > 

@i[Dplementaticin AppController i CPObjent 
I 

^outlet CPWindow theWindow: 

^outlet CPTextField textField; 

J 

- (void)awakeFromCib 
f 

[theWlndow setFullBrldge:YES] : 

1 

■ (IBAction)sayHi:(id)sender 
I 

alert(“Hi, " 1 [texlFleld sttingValue]): 

I 

iend 


Tlie xcodecapp tool automatically picks up those 
changes so that we can use the new outlets and actions in 
Interface Builder. Next, click on MainMenu - xib, select 
Window, and replace the slider with a button and set its 
autosizing attributes as shown m Figure 2, Now Ctrl-drag from 
the AppController object to the text field and connect it the 


When you reload index.html in your browser now, youll 
.see the text field and the button. Enter yoor name and press 
the button and you’ll be warmly greeted by Cappuccino! 
Congratulations: Yon have written your first own Cappuccino 
application, complete with an action and an outlet. 

You see that Cappuccino development is very similar to 
the Cocoa development you're used to. That's why we don’t 
want to waste any time: A more complex app awaits! 

A More Complex Application 

The application that you will build next is a client for the 
Google Image Search API: Results will be displayed in a table 
on the left side of the screen and when a search result is 
selected, the image will be displayed in full size on the right 
side. (While typing this yourself is good practice and gets you 
more familiar with the tools, the source for this final 
application can be found at 

ttps://github.com/jfahrenkrug/CappucdnoCiblmageSearch.) 

Go back to Xcode and remove the button and the text 
field from the interface. Drag an NSSplitView to the window 
and size and position it to fill the whole window and set its 
autosizing attributes as shown in Figure 3^ 

Autosizing___^ 


I—I 




Figure 3. Autosizing attributes for the split view, 
table view and image view 
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Then add a text field (antosizing Figure 4) to the top left 
area of the split view and a table view (autosizing Figure 3) 
right under it. 


Autosizing 


I 


✓ 


V 




Figure 4. Autosizing attributes for the text field 


Name the left column of the table ‘'Title’' and the right one 
"Size.” In the inspector for the left table column set its identifier 
to title. Set it to size for the right column. Those identifiers 
are needed later for the CPTableViewDataSource delegate 
methods to determine which column to return data for. To be 
able to display the image, add an image view to the right half 
of the split view, setting its autosizing attributes according to 
Figure 3- The interface should look like Figure 5 by now. 


A ^ Wfndow 



Figure 5. The finished Ul of the image search application 
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Now' we fust have to create and connect the outlets and 
actions. To do that, we first have to define them in the 
AppController. j file as .shown in Listing 2 (two extra 
outlets, twi) instance variables that we will need later on, and 
one empty actic^n). 

Listing 2: AppControUer Outlets, Actions, and Instance 
Variables 




Call: 800-964-2793 


@i]iipiejiientation AppController : CPObject 
[ 

@otitlet CPWindow theWindowr 
^outlet CPTextField textFieldi 
CPTableView tableView: 
^outlet GPImageViev imagoYiew; 
CPArray images; 
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CPData recelvedData; 

- (lEAction)search:(id)sender 

I 

I 

Back in MainMenu. xib^ connect the AppController’s 
textField outlet with the new text field. Then Ctrl-drag from 
the AppController object to the image view and connect 
it to the inageView outlet. Do the same with the table view, 
connecting it to the tableView outlet (make sure you really 
connect the table view and not the scroll view that surrounds 
it). Then Ctrl-drag from the text field to the AppCont roller 
object and connect it to the search action. Finally Ctrl-drag 
from the table view to the AppCont roller object twice to 
connect its dataSource and delegate outlets. The interface 
is done. 

The next thing we need is a data model to represent the 
search results. 

The Data Model 

Tlie term “data modcT might be a bit exaggerated in this 
case: We will only create one single class that will represent a 
single image t)f a Google Image search result set. Tt) do that, 
we’ll create a file called Googlelmage. j in the 
imagesearch folder. You find the contents of that File in 
listing 3, You 11 notice that Objective-J doesn't require a class 
to have an extra header file that makes everything a bit 


slimmer and easier. Now we just need to connect it al! and 
execute the actual search. 

Listing 3 : Googlelmage.j 

©iinport <Fouiidation / CPObj ect. j > 

©implementation Googlelmage i CPObject 
I 

CPStrlng title ©accessors; 

GPStrlng unescapedUrl ^accessors: 

CPStrlng tbllrl ©accessors; 
int width ©accessors; 
int height ©accessors: 

I 

- (id)init 

I 

self = [super init]: 

if (self) 

I 

title = 

unescapedUrl ” 
width = 0: 
height = 0: 

1 

return self: 

1 

/*! 

Initialises it with the data from a JSON Object 

*/ 

’ (Id) initPromJSONObject: (id) aJSOHOhjeot 

I 

self ^ [self Initl; 


Direct Mail 



Ea SOFTWARE 



jumpstart your 
small business 

with powerful email marketing 


Download for FREE Today at 
WWW. directmailmac .com 


Seamlessly integrates with the Mac applications 
you already use 

Create and send email campaigns with ease 


Designed and built only for Mac 


• Real-time tracking to monitor effectiveness 

• No monthly fees 










SHATTERED MEMORIES? 



WE CAN HELP 

Recover Your Lost Files Now! 

We Provide Data Recovery Software And Services For Ali Types Of Media 





Mac 

UmmI 


www.LC-Tech.com/mt 

A GLOBAL LEADER IN DATA RECOVERY 
















else 


if (self) 

I 

// the html entitles have to be iinescaped 
var e ” docuinent. ereateElement (' div'} r 
e*innerHTHL = aJSOHObject .titleNoFomatting: 
title = e^childNodes[0].nodeValue: 
unescapedUrl “ aJSONObject-uneacapedUrlj 
width = aJSOKOhject.width: 
height = aJSONObject.height: 

1 

return self; 

I 

- (GPString)size 
! 

return width t "x" + height; 


/M 

Returns an array of itnages built from an array of JSON 
objects 
V 

1 (CPArrfly)iraagesFroiiiJSONObJects: [id) someJSONObjects 
1 

var images “ [[CPAtray alloc] init]; 

if tsomeJSONObjects) 
f 

for (var i={): i < someJSONObjects*length; i-H-) 

I 

var image [ [Googlelmage alloc] 

initFroinJSONObject :someJSONObjects (i] ] : 

[Images addObJect:image] : 

1 : 

i 

return images; 

1 

@end 

Bringing It All Back Home 

Similarly lo Objeciive-C, you have to import source filers in 
Objective-]. This is done with the @import directive. To use 
our Googlelmage class in AppController, we have to add 
the line ^import "Googlelmage. j" lo the very top of 
AppController.j. 

The say Hi: mediod that we used in the original example 
can !>e deleted. The empty stub of the search: method has lo 
be replaced with tlie search: methcxl as shtjwn in listing 4. 
Listing 4: AppController: The search method 

- (iBActi(jn)search: (ld}sendur 
I 

var term = [textField stringValue): 
if (term && [term length] > 0) 

[ 

var request ^ [CPiJRLRequest 

requestWithllRL: *http: / /aj ax. googleapls . cornyajax/services/sea 
rch/iiiiages7v=i .OArsz=l 0 rge&imgtype=photo&q=* l term]; 

[request setHTTPHethod !@''GET"] : 

receivedData = nil; 

[CPURLConnectiofi connectionWithRequest:request 
delegate;self]; 

] 


alert("Please enter a search term["); 
f 

1 


It reads the search term from the text field, makes sure that 
it isn’t empty and then starts a CPURLConnection which 
queries the Google Image Search API and sets its delegate 
to self:, |ust like you know it from Cocoa's 
NSURLConnection. The next step consists of adding the 
CPURLConnection delegate methods to 
AppController. j as shown In Listing 5- 
Listing 5* AppController: CPURLConnection Delegate 
Methods 

- (void) contiection: (CPURLCotinoctlon) connection 
dldReceiveData;(CPString)data 

[ 

if [!receivedData) 

receivedData “ data: 

else 

receivedData += data; 


- (void)connection;(CPURLConnection)connection 
dldFailWltbError;(CPString)error 

1 

alert("Connection did fail with error : " + error) 
receivedData “ nil; 


[void)ccinnectionDidFinishLoading:(CPURLConnection)aConnectio 

n 

I 

var res = nil; 

try 

I 

res = 

CPJSObjectCreateWlthJSOI^ (receivedData).teaponaeData.results: 

I 

catch(err) 

( 

alert("Error while parsing search reaults; " 1 err); 

I 

if (res) 

I 

images = [Googlelmage imagesFromJSONObjects;resJ : 

if (images) 

[tableVlew reloadData]; 

elae 

alert{"Nothing found*"): 

) 

I 

The 3 methods save the received dam in the 
receivedData ivar, display a message when an error 
occurred, and process tlie received data when loading has 
finished. The processing is simply done by turning die string 
we received from the Google API into a JavaScript data 
structure using the CPJSObjectGreateWithJSON function. 
From the responseData object of that dam structure we then 
extract the results array. If that was successful, we pass that 
JavaScript array to the imagesFromJSONObjects: class 
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method of the Googielmage class, thus creating an array of 
Googlelmage objects. That array is then saved in the images 
ivar* Finally^ the table view is told to reload its data. In order 
for that to work, the table view expects two data source 
methods. Listing 6 contains these methods and one additional 
method—tableViewSelectionDidChange;—that is 
being called when a different row is selected in the table view. 
Listing 6: AppController: CPTableView Data Source and 
Delegate Methods 

- (CPInteger) tiumberOfRowsInTableView:(CPTableView)aTableView 
I 

tetuni itnageB 7 images. length : 0; 

I 

- (id)tableView:(CPTableView)aTableView 

oh j ectValueForTab 1 eCo 1 imn: (CPTab 1 eColiiinn) aTab 1 eColiimn 

row: {CPIiiteger)aRowlndex 

I 

var i ^ [aTableGoluran identifier]: 
return [images[aRowIndex] 
perfonnSelector;CPSelectotFroraStringd)]: 

- (void)tableViewSelectionDidChange:(CPNotification)note 
f 

var image = [images objectAtIndex:[tableView 
selectedRow] ] ; 

var u = [image unescapedUrl]: 

[imageView setImage:[[CPImage alloc! 
inltWithContentBOfFlle:n]]; 

I 


The first method returns the number of rows in the table 
view that corresponds to the number of elements in the 
images array. The second method uses the 
CPSelectorFromString function to create a selector from 
the column identifier that was passed in to identify which 
column data is l>eing requested for (either title or size) and 
calls that selector on the corresponding Googlelmage object 
and finally returns the result. So this method either returns the 
title or the size of the image for the requested row. The third 
method finds the Googlelmage object of the selected row and 
loads die corresponding image in the image view 

Thafs it: Tlie application is done! When you now leioad 
mdex.htmJ in your browser and search for “cappuccino.org" 


everything should look kind of like Figure 6. 

A A cBpfi lfnig«»«iich clb 
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Figure The finished image search applicatian 

Conclusion 

Cappuccino is a very powerful framework that lets you 
develop lieautiful applications. You don’t have to learn a slew 
of new languages or technologies but can reuse and expand 
on your valuable knowledge of Objective-C and Cocoa. So 
what’s stopping you from porting your Cocoa application to 
Cappuccino now? 
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by Boisy G. Pitre 


No Pane, No Gain 

Building a Preference Pane 
plug-in to integrate into 
System Preferences 

___ / 

Introduction 

Have you ever been curious about extending the System 
Preferences appliaition on your Mac? System Preferences is the 
central location for clianging and fine-tuning a wide range oi' 
options, from display settings to networking to mouse settings, and 
everytJiing in between. YouVe probably noticed that from time to 
time, the installation of a new application causes a new icon to 
apf^r in the System Preferences window. This is possible 
because Apple has ardiitected System Preferences to accept 3^- 
party preference pane plug-ins, and in diis month’s E>et^!apcT io 
DeiJeloper^ we’ll go tlirough the steps to construct our very own 
preference pane plug-in. As always, a ready-to-run project Ls 
available on MacTeth's FTI^ site. 

Why Preference Pane Plug-ins? 

When developing a GLn“f>ased application, we typic’aJly setup 
a preferences windoAv that allows tlie end-user to control and 
customize settings. After the application terminates, the 
preferences are stored away in a file so that subsequent launches 
of that same application am coasult anil adiust to tho-se settings. 
Usually, there is no need Xo adjust thcjse settings when the 
appliaition isn’t running. 

A preference pane plug-in, on the other hand, allows users to 
change settings ouLside of the sccjpe of a single running 
applicntion. Hence, die System Preferences application focuses on 
settings that are global in nature and affect the running of the 
operating system. When determining whether your application 
nec^ a preference pane plug-in, ask yourself the following 
queslioas: 

Does your application perform functions that affea the 
system as a whole? 

Is your application a non-gui one (i.e. launch daemon) whose 
settings need to be changed by the user? 


If the answer to either of these questions is yes, then in all 
likelihood, a preference pane plug-in is the correct venue for your 
needs, !n fact, a common use of a preference pane plug-in is to 
provide some visual form of interaction for a daemon or other 
iow-maintenance, non-GLU process running on the system. 

Before we launch fuK-sc'ale into the process of creating a 
preference pane plug-in, let's take some time to learn about the 
System Prefenenc’es applic'ation itself. 

System Preferences Then And Now 

On all Macs, the System Preferenc’es applic’ation resides in the 
/Applications fbldcT; it can be launched from there, or quite 
conveniently, from the Apple menu at the lap left comer of your 
main screen. 

Up to Leopaai (10.5), System Preferences ms a 32-bit 
application, and all preference pane plug-ins were also 32-bit. 
Starting with Snow I^eopard (10.6), it became a 64-bll application 
that can accept both 32-bit and 64'bit plug-ins. When a 32-bit 
preference pane plug-in is encT>untered in 64-bit mode, System 
Preferences wiU relaunch itself in 32-bit mode to adapt to the plug¬ 
in. 

At this point, all preference (xme piug-tn developers should 
Ix" building Ixjdi 32-bit and 64-bii versions of their plug-in. 
Building it in tills way will ensure that tlie plug-in runs smootlily 
on bc>th environments. 

Where Plug-Ins Live 

Preference pane plug-ins are specml bundle files whicli live 
on your Mac’s file system, Tliey have an extension of *pref Pane 
and contain a number of files which we will gtr over shortly. AH 
Apple-supplied preference pane plug-ins are in the 
/System/Library/PreferencePanes folder. If you're 
curious, feel free to examine this folder, hut be caieftil not to 
nKxlify anything, since these plug-ius are part of the standard 
.system install. 

For 3^-party preference pane plug-ins, Apple has dictated 
that they teside in either one of two folders: 

/Library/PreferencePanes 

-/Library/PreferencePanes 

The first path is a gk^ltal one; preference pane plug-ins that 
reside in this folder wtH be seen by all users on your .system. In 
general, this is the appropriate plac^ for preference pane plug-ins 
CO reside. However, as option 2 above indicates, they can also be 
installed inside of a user’s home folder. Here, the preference pane 
plug-in wiU only be seen by that user when he launches System 
Preferences. 

Installing A Preference Pane Plug-in 

The installation of a preference pane plug-m is quite simple. 
Just double-clicking on the file in Finder is enough to launch 
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System Preferences, At that lime, the preference pane plug-in 
bundle will be examined and System Preferences will ask if you 
want to iastall the plug-in for the ciirreni user or for all users. 
Depending upon your answer, it will either copy the bundle to 
your home diredory loc'ation, or the rcx>t ltx:ation where all users 
can view the plug-in. If you choose for all users to utilbe the plug¬ 
in, you will need to type in the administrator password since the 
copy operation requires admin privileges. 

^ A " Sifltietn Prafernsncei 
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Peeking Into The Code 

Now tliat we have explored System Preferences a bit, let's take 
a look at the details of implementing a preference pane plug-in, If 
you haven’t already done so, download the project source file 
D2DPrefPane. zip from tlic MacTech FTP site and decompress 
it on your hard drive, then open up die 
D2DPref Pane .xcodeproj file in Xcode. 

The project consists of a number of source tiles along witli 
resource files such as icons and images. The following table lists 
each of them and explain their purpc:>se: 


Tin |irtftren:e& pue irurtl b* JdftiiJled twfun _ 

yu IL Do want tn install it now? ^ 

D«idg| tiQh 

* © UHtil *0f ihis ysw onlv 


Table T, Project Files and their Purpose: 


HudwAfc Q lnstiiii feralf users of this compHtrr 

File name 

Purpose 

■■ m 

fcssi nssn *"* 1 

l)2DPref.h/D2Dheb 

This Is fhe home of ihe [)2DPref Objedive-f 
doss. Itissubdossedfromthe 



ItSPrefeiMePane doss and holds the code for 

* * 0 

UfWDfli lluitiieA Skimtg 

D2Dlcon.|ing 

our |dug-in. 

Ihis Is the lam that wlH appear In the System 



Preferences app&cation. 

Figure 1. System Preferences Installation Option 

MacTecli.png 

this is a graphic that will appear in a button on 
our preference pane plug-hi. 


lnfo.plisl 

Ihe property ftst fde that holds important 
infoTHHlian about the structure of our plug-m. 


D2DPref.xil) 

Ihe Interface Builder file which contains the 
visual layout of our preference pone plug-ln. 
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Now lefs eornine the central source file to this project, 
D2DPref •m. When developing a preference pane plug-in, you 
must have an Objective-C class that is subclassed from 
NSPreferencePane, and your subclass must implement the 
mainViewDidLoad method, lliis method is the entry point into 
your custom preference pane plug-in, and can contain any 
initialization code that you need to perform. Since our preference 
pane is simple, we ainently do nothing here. 

A custom method that we have defined in this file is 
urlButtonAction: which is an action method for a button that 
exists in the preference pane. When the button is clicked, a 
browser will be spawned to take us to the website of our favorite 
magazine. 

Looking Into The Nib File 

Now Open the D2DPref«xib file in Interface Builder. The 
File's Owner for this NIB fQe is the D2DPref. m file that we just 
examined. Since D2DPref inherits from NSPreferencePane, we 
must hook up the ^window outlet to the PrefPane window 
ol:)jeci within the NIB file. That is already done, but you can 
confirm by right-clicking on the File's Ovmer icon to see that the 
connection is made. 

ITouble-click on the PrefPane object in the NIB file 
document and you will see that the object is an NSWindow with 
a single button in the middle containing the graphic of our favorite 
magazine. If you examine the action outlet of this bunon, you will 


see tliat It points back to tlie urlButtonAction: method in our 
D2DPref class (which is the ovmer of the NIB file). So the 
expectation is that if we click on the button, it should invoke the 
action method that launches a browser and takes us to the 
previously indicated URL 





Figure 2. The preference pane window in Interface Builder 


Ihere is sometliing important to note here: the dimensions of 
the NSWindow are specific, particularly the width. Starting witli 
Leopard, all prefeienc'e panes are to lie 668 pixels wide, somewhat 
larger than previous versions of System Preferences on Tiger and 
prior operating systems. The height can vary, but ytrur NSWindow 
object should maintain a widtli of 668 pixels, as we do here. 
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Build And Go! 

Ntm^ here'5 the moment weVe alJ been waiting fon Switch 
back to Xcode and build the project. Once it is built, locate the 
Produces folder in the Xcode Groups & Files pane. Tliere you 
should see the D2D.prefl^ane bundle. Double-click and it will 
launch System Preferences with the dialog box asking how you 
wish to install the plug-in. For now, simply install it for yourself 
only. System Preferences then copies the bundle to your home 
directory's Library/PreferencePane folder and launches the 
plug-in. You should now see die JVkicTech button sitting solitary 
in the middle of tiie pane. Go ahead and click it; it should take 
you to die MacTeeh website. 

Summary 

Tliis mondi, weVe examined die openition of the System 
Preferences applic'ation along with its plug-in arcliitecture. From 
there we successfully built a preference pane plug-in from die 
provided Xcode project and installed it on our system. 

One issue that hasn't been addressed thus far is that of 
security. Depending upon the application, there may be times 
when it is necessar>^ to access or even modify fdes that Ijelong to 
root, Next month, well extend our preference pane plug-in witli 
authentication services and the ability to run external commands 
as root. We’ll also thrown in some odier nifty tid-bits about 
preference pane plug-ins and discuss how to use tlie Xcode 


debugger to debug your plug-in. Until then, 1 suggest reading tlie 
documents in tlie bililiograpliy below" to expand your knowledge 
of preference panes. Until next mondi, have hin! 
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Scripting Automations in 
Windows for Mac OS X 
Administrators 


by Charles Edge 


Introduction 

To minimize the Total Cost of Ownership (TCO) of large 
numbers of systems requires some form of customization. Such 
customization may come in the form of scripting simple tasks, 
automating complicated procedures and usually includes 
building bridges between disparate systems using the APIs 
available for those systems. 

The growth of Apple in large environments means that 
there are more and more enterprises looking to adt)pt a 
platform that allows the enterprLse to not only provide services 
similar to how they are provided for other platforms, but also 
allows tlie enterprise to centrally manage the client computers. 
The Enterprise Desktop Alliance (EDA) has developed a 
strategy fcrr leveraging existing Window^s Server adtninistrators 
and infrastructure in order to provide command, control and 
connectivity services to Mac OS X clients. The EDA includes 
Absolute Manage, Cemrify, GroupLogic, IBM and 
WebHelpDesk, all able to run on Microsoft Windows Server 
2008 R2. Each of tliese vendors fills a very specific void for 
managing Mac OS X: 

Absolute Manage: Change, configuration and patch 
management 

Centrify: Extending group policy objects to enable Active 
Directoly-based management and a directory services plugin to 
ease the transition to Active Directory 

GrotipLogic: Native Mac OS X file services hosted on 
Windows Servers 

IBM: Web and groupware services as well as highly 
available Windows Server hardw^are 

WebHelpDesk: Trouble ticketing and inventoiy 
management 

This ecosystem provides systems that work very w^ell 
together, or independently, maximizing the efficiency of staff 
and giving administrators repeatable, highly available, well 
documented and vendor supported irifrastmcaires. The EDA 
has run 3 previous articles in MacTech Magazine, outlining 


options for replacing the Xserve with Windows Servers now 
that Apple no longer provides rack-den.se solutions. This allows 
administrators to run their most critical and important services 
diat enterprises need, even wiiile the Xserve is deprecated 
Tliese articles included: 

January 2011: Centralized Mac Home Directories on 
Window's Servers 

February 2011: Imaging and Patch Management using 
Windows Servers for Mac OS X Clients 

March 2011: Implementing File and Print Services for Mac 
OS X u.sing Windows Servers 

April 2011: Uirge Scale Mac OS X Client Management Using 
Windows Servers 

In this, the 5rh installment of the EDA series on moving 
from Mac OS X Servers to Window's Servers, we will look 
further at ExtremeZ-lP, Absolute Manage, Centrify and 
WebHelpDesk, Our fcKUs this mcmtli will be on extending what 
these products can do in order to tailor them to your unique 
environment. We are moving beyond the graphical optiorLS that 
the vendors provide and into more of a command line and 
scripting environment. 

As we have been showing throughout tliis series of articles, 
the move from Mac OS X Server to Windows Server can be less 
cumbersome than many previou.sly thought. The platform is 
considerably more scalable, with virtualization end-to-end and 
true high availalMlity^ options. And in many envircmments, Active 
Directory has been integrated for years and so administrators 
are already well versed in Windows Seiwer administration 
basics. The impact of replacing systems on existing middleware 
components though, can be amongst the most impactful. In this 
article w^e will take a look at some common automations that 
have been built for Mac OS X environments and look at ways 
to port them over into Windows server environments so that 
organizations can have the level of rack density, failover and 
scalability that they require while lessening the amount of 
scripting that is required. 

Middleware 
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No discussion of building network infrastructures to scale 
can be complete without discussing middleware. This is 
localise most solutions fit within an organization to solve a 
specific pain point. Middleware allow administrators to 
interconnect and customize various solutions in such a way that 
the whole is much greater than each part. The customizations 
save time, increase productivity and allow each component to 
be built in such a way that it can scale in ways it otherwise 
could not. 

Every environinent is different. As such, every environment 
has different needs. Most organizations will need multipie 
solutions and diese solutions have different features that each 
organization will customize in ways that make sense for them. 
But often times, the solutions will not ccjmmunicate with other 
solutions meaning that administrators have to do entry into 
different s{)iutions manually. 

For example, let’s look at a t^^pical school environmenl 
Each student, M^hen enrolled, is entered into a student 
information system. The student is then entered into a directory 
service, such as Active Directory or Open Directoiy, Once 
entered, the sUident has a profile created for them and has a set 
of policies applied to their account. The student is also placed 
into a group or multiple groups, based on grade, school they 
attend, etc. The student may have an email or groupware 
account created for tliem as well as be entered into a course 
management system. Each year that the strident attends the 
school their grade will change and according to how the 
systems are setup they may move between different groups 
(e.g. elementary school, then junior liigh, then 1(T^^ grade, then 
then 12^^ and ultimately archived). 

If a school has a lot of students then this can result in a 
massive amount of work for administrators. However, provided 
that a consistent user experience is needed, a few scripts can 
result in drastic reductions in the amount of time spent 
managing students. This can include automatically creating the 
user in the direaory seivice, assigning group membership, 
allocating a computer (as is common in a 1 to 1 deployment) 
and even archiving the student when they have graduated or 
transferred. This type of automation allows a small number of 
administrators to manage even large districts. 

Exposing the API 

Middleware makes administrators more efficient. But the 
capacity to script the middleware is dependent on the APIs 
made available from software vendors. An API, or Application 
Programming Interface, is comprised of the tools and other 
resources a vendor makes available to extend its sofm^are. lire 
vendors comprising the Enterprise Desktop Alliance each have 
a number of automations that commonly revolve around their 
sc^lutions to aide when managing the lifecycle of systems. 

In order to integrate the Web Help Desk with other 
applications, FITTP interfaces are provided to log clients into 
the application (skipping the login page) and to create tickets. 
The Web Help Desk links can then be accessed from other 
solutions, automatically generating tickets. Administrators can 


also edit the Web Help Desk database directly, although when 
it is possible to augment a solution using an API to accomplish 
a given task, it is always preferable to do so over editing the 
solutions back end directly 

The Centrify DirectControl API allows administrators to 
control zones and NIS maps. Zone control includes 
programmatically creating, editing and deleting zones widiin 
Centrify as well as adding users and groups to these zones. This 
allows administrators to bolt Centrify into other solutions, such 
as Student Information Systems, Identity Management Systems 
and even other middleware components already in use and 
development. 

The Centrify DirectControl API provides standard Windows 
COM objects that convert Active Directory application objeas 
into Centrify-enabled UNIX user, group, computer, and zone 
objects. These are packaged in the DLL (Dynamic Link Librar^O 
that is distributed with the DirectControl SDK. Documentation 
for the API can be found at 
http://www.cerberls.com/tmage5/pr0duits/techFiles/Centrify' 
D i rectControWTrog ra m m e r-Gu i d e. pdf. 

ExtremeZ-IP has a imiiurc and fulhfeatured API whereby 
almost complete control of the application has been exposed 
by the API. Using the API, it is possible to create, edit and delete 
print queues and file shares within ExtremeZ-IP. There are a 
number of different ways to interact with ExtremeZdP 
programmatically, hut none is easier than ctJntrolling the 
options exposed in the EZlPUTIL,exe command line optioas. 
But given that for every scripter there is a different way of doing 
things, ExteremeZTP has also provided access via C-H-, WMl 
and even a web services APi. Later in this article we will kx)k 
at using the command line in a scripted workllow and provide 
links for accessing even more information as needs progress. 

Absolute Manage can also \y^ accessed using an API of 
sorts. Primarily, interacting with Absolute Manage will take form 
of reading data from a MySQL database, allowing administrators 
to query information indirectly from Absolute and leverage the 
output of those queries in other scripts and data structures. 

Controlling Client Computers 

Absolute Manage has registered the lanrevagent:// handler 
w^hen the Admin in^staIler is installed. The syntax for invoking 
lanrevagent is similar to calling up a web page or an AFP 
mount, except here you define the command, followed by what 
exactly to run that command against, Tlie command to remotely 
control a host is remotecontrolagent. The easiest way to indicate 
an agent to be controlled is to define a computername that the 
agent can control, done by following the remotecontrolagent 
command with ?computernaine=<the actual computer 
name to be used>, When defining computername, you 
will need to replace any special characters with their LIRL 
encoded representation (e.g, - for a space that would be a 
%20), This is really actually very straightforw^ard. To control a 
computer named Charles Edge MacBook Air, you would use the 
following URL from a browser: 
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lanre va gent: / / tremotecont rolagent 7 compute rname=Cliarles%20Ed ge% 
20HacBook%2{}Air 

Or simply use the terminal command: 

open 

1 an r eva gent: / / r emo te c ont r a 1 ag ent 1 c omp ut e i:rLame=Gh a r 1 e a %2 OEd ge% 
20MacBook%20Alr 

Using the open command allows for variable substitution, 
which makes this yet another addition to the possibilities 
surrounding automating administration tasks through help desk 
software without having to expose passwords to intermediate 
administrators- Provided that host names are in synchronization 
between servers, you then have the ability to invoke commands 
against Absolute Manage using other products as part of your 
management lifecycle or some form of middleware. 

To restart the Absolute Manage service, 

net stop "LANrev Server" 

Followed by: 

net start “LANrev Server" 

On the server, administrators can also start and stop the 
Absolute Manage Agent and Absolute Manage Server in 
Windows using the Windows Services applet or do so 
programmatically with a registry edit- To restart the Agent or 
Server (and therefore reload configuration data), the Trigger 
registry key would need to lie set to T These are located in 
HKEY_LOCAL_MACHINE\Software\Pole Position 

SoftwareMANrev AgentVTrigger and 

HKEY_LOCAL_MACHINE\Softwaie\Pole Position 

Software\LANrev Ser\'er\Trigger registry keys for the Agent and 
Ser%'er respectively, 

ExtremeZ-lP can also be started and stopped 
programmatically. To restart ExtremeZ-lP: 

net stop ^'ExtremeZ-IP" 

Follow^ed by: 

net start ”ExtremeZ-IP" 

But service control is only the l>eginning of what can l>e 
done using the command line when controlling ExuemeZ-lP. 
Shares, printers and sert^er settings can also be configured. 

Creating Shares Programmatically 

Windows and Windows Servers have a command line 
envhonment similar, albeit far less functional from a scripting 
perspective to the shell environment in Mac OS X. Scripts, 
knowm as batch scripts can then be written to automate basic 
functionality in Windows Servers, While you can do a lot widi 
PowerShell or WMI, batch scripts are simple and quick to write 
and execute. For administrators already familiar with Python, 
Ruby, Perl and other languages more native to Mac OS X, those 
can all be used in Windows as well, ExtremeZ-fP can be 
controlling using tlie EZIPUTIL command. This is similar to how^ 


the serveradmin command can be used to set global sellings In 
Mac OS X Server. For example, to start the server services, die 
SERVER option can be used in conjunction with the /START 
switch: 

EZIPUTIL SERVER /START 

The SERVER option can also be used for a number of other 
tasks, such as obtaining a list of files in use through ExtremeZ^ 
IP: 

EZIPUTIL SERVER /PILES 

Or to see which users are currently logged into the .system: 
EZIPUTIL SERVER /USERS 

The SERVER option is for controlling global information 
about the server. The VOLUME option can be used to create, 
edit and delete shared volumes through ExtremeZ-lP, much as 
the sharing command can do so in Mac OS X Server. As shown 
in previous articles, there are a number of settings that can be 
used for volumes. Each of these is available using the EZIPUTIL 
command. Tlie following are a few switches for shares that are 
available from the EZIPLITIL command. 

/ADD - Creates a new .shared volume 

/EDrr - Edits an existing shared volume 

/NAME:vQlumename - Configures the shared volume’s 
name 

/PATH:rr)ot directory path - Sets the path of the file system 
that is shared out 

/READONLY:TRUEj FALSE - Makes the .share read-only 

/GUESTSALL0WED:TRUE|FALSE - Allow^s guest access to 
the share 

/PASSWORD :pa5sword - Enable,s volume-based passwords 

For example, to create a volume for a path of 
c:\SHARED\ACCOUNTING (the /PATH switch) where guests 
are not allowed (the /GLfESTSALLOWED switch) where Time 
Machine volumes are allowed (the /[S_TM_VOLlJME switch), 
the following command would create such a share: 

EZIPUTIL VOLUME /ADD /NAME:ACCOUNTING 

/PATH;c:\SHARED(ACCOUNTING /GUESTSALLOWED:FALSE 

/IS_TM_VOLUME 

Scripts leveraging the EZIPliTIL command can then be 
crafted to perform a number of tasks, such as automatically 
creating a share for each user as users are created in another 
system, creating shares for specific groups and even deleting 
shares at die end of their lifespan as part of a Information 
Lifecycle Mamigement policy. 

The third and final option provided by the EZIPUTIL 
command is the PRINT option, which surprisingly allows for the 
management of print queues. PRINT has the same basic 
.switches in /ADD, /EDIT, etc. But the other switches are 
specific CO managing printers, A sampling includes the 
following: 
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/PPD - Allows providing a PPD to supply Mac OS X clients 
with a driver 

/PPD_0NLY_FR0M_SER™H:TRUE I FALSE - Forces clients 
to only use the PPD provided by the server 

WINDOWS - Queues are available as standard Windows 
printer Queues 

/PRlNTER:printer 

LPR - Queues are available as LPR 

/HOST:host - 

/QlTEUE:queue 

In the following example, we wQl create a printer from the 
command line, using an existing primer installed in Windows 
called Finance_LaserJeL This printer will have the same queue 
name through ExtremeZ-lP that is used to connect Windcjws 
users and will require Mac users to download a PPD in order 
to use it that is stored at cADrivers\PPDs\LaHerJet_P4041n 

EZIPUTIL PRINT /ADD /METHOD:WINDOWS 
/PRINTER:Finance^LaserJet /PPD: 

c:\Drivers\PFDs\LaserJet_P4041n /PPD^ONLY_FROK_SERVER:TRUE 

To find more information on these, you can use the 
EZIPUTIL command followed by the HELP verb: 

EZIPUTIL HELP 

While administrators can use ExtremeZ-lPs command line 
tools to create shares, it can be somewhat unwieldy to leverage 
a share per user for creating home directories, and so 
administrators often use a share for a group of users and create 
folders for each user based on, for example, Active Directory 
group or Organizational Unit membership. 

Automated Policy Management 

Visual Basic is a language that is often used for automating 
basic tasks in Microsoft Windows Server environments. Visual 
Basic is similar in many ways to perl or pytlion and can be as 
simplistic or complicated as each task that needs scripting. This 
section of the article isn't a guide on writing Visual Basic scripts, 
a topic many full books currently explore. Instead, this section 
of the article is meant to showcase how to do a few basic tasks 
that Mac OS X administrators have been doing with scripts in 
Mac OS X environnieaLs for years. 

Managed preferences allow for policy-based management 
of Mac OS X clients. In previous articles, we looked at 
leveraging Centrify to provide such management. Cenlrify, as 
mentioned earlier in this article, also allows for a programmatic 
interface. The interface is available in VBScrpt, J Script, and 
.NET via the Centrify SDK (CentrifyDC_SDK-release-win64,zip), 
available at Centrify.com, 

Installation of the SDK is straightforward, choosing the 
default options at each screen. Once the SDK has been 
installed, a number of methods to work witli Centrify will be 
available in Visual Basic. For example, the following can be 
used to output a list of users that are in a given zone. This is 
done using tlie cims.getzone method from the Centrify SDK. We 


will also use a for loop, looping through all of the users in the 
zone and ultimately echo the output: 

set zone = cims.getzone(“krypted.com/program data/ 
centrify/zones/defaiilt”) 
for each user in users 
wscript.echo user name, user.Uid 
next 

The output would provide short names followed by unique 
IDs for users, as follows: 

ledge 10088 
cedge I0D8D 
eedgG 10092 

Tills is a very simplistic script, wath much more being made 
available by Centrify as part of the SDK. A script like this could 
be used to quickly query for ail of the users that have a given 
set of settings and using other methods it would he possible to 
add users to zones or augment their directory^ data with 
information specific to Centrify. 

Creating Folders Within Shares 

As weVe showm in previous articles in this series, Active 
Directory, using Centrify, can provide the necessary back-end 
infrastructure for centralized home directories without any Mac 
OS X Servers. One of the more common tasks that needs to be 
scripted during directory services migrations and during the 
setup of new users is to create the folders that these new and 
migrated users will use when logging into accounts. 

The Ifser Home Creator script, seen below, showcases how 
to work WHth the FileSystemObject object and its CreateObject 
method, which can be used to (as you can probably guess) 
create an object on a filesystem. In VBScript, creating an object 
is done in a single line (it is common Visual Basic practice to 
prefk objects with obj and strings with str). Here, we can create 
a FileSystemObject called objFSO: 

Set objFSO = CreateObject("Scripting.FileSystemObject") 

We would also create a network object (which we call 
objNetw'ork). We then create an array of a collection of items 
queried from a given Organizational Unit (here, specified as 
Users) in Active Directory and then loop through tliose items 
and create a directory if one does not yet exist. Finally, we call 
on Wscripi.Shell to run a shell command, using the SetACL.exe 
executable to change the permissions on the folders that we 
create. 

User Home Creator 

'Create our FileSystemObject and our Wscript.Network object 

Set objFSO = CreateObject ("Scripting.FileSystemObject"") 

Set obJNetwork “ CreateObject("Wscript.Network") 

'Create an array of users in the OU 

Set colItems = GetObject _ 

("LDAP;//oU'UBers,dc=318.dc=com”) 
colltenis. Filter = Array ("User"") 
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'Loop through the array, read the user into strUaer and the 
path to the homes into strDest. creating the folder and 
generating permissions 

For Each ohjltem in colltems 

strUser = objItem,sAMAccountName 

strDest = “\\afp03.3ie,coni\hoines\" fii strUser 

Set objFSO ^ CREATEOBJECT[‘'Scripting,PileSystemObject") 

IF Not DhjFSO.FDlderExiats(strDest) THEN 

Set objPolder = objPSO.CreateFolder(strDest) 
strDest = ‘'\\afp03.318. coiti\ho[iies\‘' £c strUser 
Set objShell = CreateObJectt'^Wscript.Shell") 
ohjShell,Run ("\\\\afp03,318,cam\netlQgonWSetACL.exe 

-on St StrDest ^ . -ot file ^actn ace " & '‘-ace 

""n:ADV" & strUser &i " rp: full'*"") 

ELSE 
END IF 
Next 

This script shows off the access to objects, IFAHEN and 
arrays. There are iikely more elegant ways to perform these 
actions, but overall tliis shows basic functionality of the Visual 
Basic scripting environment in a way that is beneficial when 
creating network directories to be used for mobile homes. 


Bridging Applications 

Absolute Manage allows otlier systems to view its data in 
liie form of an exponed MySQL database. Absolute Manage 
stores its data in SQLite, rather than MySQL, but adininistrators 
should not interact directly with the SQLite database (it is not 
made available for netw^ork access anyway). Instead, data can 
be made available via MySQL for other applications using an 
ODBC export for MySQL. That's essentially a one-way street; 
inventory data goes out but it doesn't come in. 

Web Help Desk has a built-in discovery connection that 
can use information from the ODBC exported MySQL data to 
create asset entries to keep administrators from having to 
perform double entiy. Bringing Absolute Manage data from 
MySQL into Web Help Desk to create new asset entries allows 
administrators to view inventory details about client's in 
Absolute Manage admin to initiate a remote control sessions 
using a link from Absolute Manage in the Web Help Desk 
console. 

To get started, first install and configure a MySQL server 
that will be connected to by Web Help Desk. Then create a 
database in MySQL to host the inventor^" data, Once there is a 
database on the server that can accept the ODBC export, install 
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Figure T - Creating an ODBC export. 
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the MySQL ODBC driver on the Absolute Manage server. To do 
so 

Open the Absolute Manage Admin application on the 
Absolute Manage server 

Choose Server Center from the Window menu. 

Click on Server Settings in the side bar. 

Click on the ODBC Export tab. 

Check tile box for Enable ODBC export tab. 

Provide details for the ODBC connection: 

Data source name (DSN): 

Database server address: The address of the server in 
question. 

Database name: The name of the database on the server. 

Database username: The name of the user configured to 
authenticate to the server. 

Database password: The password of the user that has 
been configured. 

Database password verification: Tlie password of the user 
a second time for verification. 

Export interval: The nuniher of minutes between database 
exports. 

Once the required ini'ormation has been provided, open 
MySQL and verify tliat the databases have exported as intended, 
Provided that they have, it is then time to integrate a party 
with the database. There isn't currently any public 
documentation of the MySQl. database structures. But generally 
the foreign key columns are consistently named 
<hasejable_nanie>_record_id, where <base_tahie_naine> is 
the name of the table tliat the foreign key references. Within 
this table, the foreign keys generally reference the ‘"id” ct>lumn. 
For example, the hardwareJnfo.agenL_info_record_id is a 
foreign key referencing ageni_info.id. 

Ihere are a few exceptions to tfiis rule. The base table for 
all computer-related tables is the agent_info hibia, all other 
tallies relate to this table using the 'agent_info_record_id' 
column as a foreign key referencing 
agentjnfo.id. Some columns are 
enumeration values, in which case the 
value relates to a corresponding 
enumeration table. Enumeration table 
names have a prefix of 'Vnum_’' and a 
postfix that loosely relates to the 
column name in the table containing 
the enumeration values. For example, 
a ta_ info. D e viceTy pe -> 

enum_ATADeviceType and 

agent_info,AgentPlatform -> 

enum_AgentPlatform, The names of the 
custom fields can be associated with 
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the custom field values as 

agent_custom_fields.FieldID=custom_field_names,id. 

The other groups of records that have independent 
relations include: 
iPhone records: 
iphone_mfo is the base table 

iphone_installed_software_info relates to iphonejnfo.id 
using the iphone_info_record_id column 
Software distribution; 

sd_packages contains package descriptions 
sd_payloads contains package payload descriptions 
sd_groups contains computer group descriptions 
sd_staging_server contains staging server descriptions 
sd_diskimages contains disk image descriptions (disk 
images for software distribution purposes) 

sd_meiapackages_packages lists the packages contained in 
the metapackages 

sd_groups_packages associates sd_groups with 
sd_packages 

sd_groups_agent5 associates sd_groups with agent_info 
records (for plain computer group.s) 

sd_groups_staging_servers associates sd^groups with 
sd_staging_server records 

sd_installation_status contains installation status info and 
references sd^packages via 

sdJnstaIlation_status.sd_package„record_id=sd_package.id 
License monitoring - tables having an 'lc_' prefix, e,g. 
lcjicense_specs contains the license specifications, 
lc_groups_specs relates sd_groups to lcjicense„specs records, 
etc. 

Administrator setup and as.signmenl - tables ""admins" and 
all tables with an “adminJ' prefix where "*admins” contains the 
admini-STrator accoimls: 

admin_apppointments contains the definitions of the 
appointment groups 
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Figure 2 - Web Help Desk install. 
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admin^appointmenls^adniina associates admins with 
appointment groups 

admin_appointments_agents associates computers 
(agent_info records) with appoiatment groups (for plain 
appointment groups only), where diis relation is done through 
the agent serial number instead of agentJnfoJd, t.e. 
admin_appointmenLs_agentsAgentSerial=agent_info.AgentSeria 
I 

admin_groups contains administrator group definitions 
admin_groups_admins associates admins with admin 
groups 

In this case, we will look at using our data to populate Web 
Help Desk, w'hich can pull client inventory data from the 
MySQL inventory database. To do so, configure an asset 
discovery connection with the correct access settings to connect 
to Web Help Desk. First, install Web Help Desk, following the 
default settings during the installation prc^cess. Then, open the 
Web Help Desk directory wathin /Applications and open the 
Start Web Help Desk application. 

Next, from within Web Help Desk^ 

Click on the Setup Icon. 

Click on Assets (assets is only available in tlie Full version, 
so for environments running the Lite version, a .switch will need 
to l)e made to the Full version), 

Click on Discovery Connections. 


Click on New. 

Provide connectivity infomiation for MySQL: 

Connection name: A friendly name for the connection. 

Discovery tool: Set to Absolute Manage (LANrev). 

LANrev MySQL Database host: The address of die MySQL 
server. 

Port: The port that MySQL runs on. 

Database name: The name of the database provided in the 
earlier part of this article. 

Username: A username with appropriate access to the 
database diat was created earlier in this article. 

Password: The password provided in the Username field. 

Include Virtual Machines: Choose whether virtual 
machines should be included in the import. 

Auto-sync Schedule: Set a schedule to perform imports, 
allowing administrators to import database content 
automatically. 

Ignore Black Discovered Values: Allows for manual editing 
once data has been imported into Web Help Desk. 

Client Relationships: Determines how users and computers 
are associated* 

When Assets Are Removed: If set to Delete Asset then as 
assets are removed from the Absolute database so to shall they 
be removed from Web Help Desk, 
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The discovery tool should then propagate the machines 
from the intermediary- database that was created at the next 
scheduled sync,. In this example, we were able to interconnect 
two solutions without writing any scripts. We were able to do 
so because it is a common practice/where both vendors saw it 
fit to interlink their solutions, Web Help Desk is also able to 
import data from Apple Remote Desktop, JAMF's the Casper 
Suite and Microsoft’s System Center Configuration Manager 
(SCCM). User accounts can also be imported into Web Help 
Desk using the LDAP Connections option listed under the 
Clients menu. Once data has been imported into Web Help 
Desk, administrators can then look at programmatically 
interfacing with Web Help Desk to create tickets. 

Automated Ticket Management 

Web Help Desk is trouble ticket management software that 
runs in Mac OS X, Windows Server and Linux environments. 
When using Web Help Desk, it is possible to bolt 
interoperability with databases and other solulions in by 
injecting information into URLs or leveraging emails that the 
server picks up and takes action on. This API functionality 
allows administrators to build middleware around the exposed 
features for such activities; logging into the database and 
creating tickets. 

In the following examples, we will be using a server that 
we will call middleware.enterprisedesktopalliance.coni. To 
simply bring up the login page, a script can call up the URL of 
the server* or when followed 

by/helpdesk/WebObjects/Helpdesk.woa/wa/login, other 
information can be injected into the URL. For example* this 
could be put into a script by using an open command along 
with tlie URL, a username (in this exiimple cedge), a password 

(in this exampleSuperSecret)' 
open 

http;//middleware,enterprisedesktopalliance.com/helpdesk/WebO 
bjec:ta/Helpdeak,woa/va/logln?asername=cedge£fpassword^SuperSec 
ret 

Note: While tve embedded the password in the abow 
command for simplicities sake, more logic could easily he added 
in a script to cal! the password from keychain or another more 
secure location, which mntkl he much more appropriate in a 
pmduction environment. 

A common use for something like the above would be a 
Mac OS X menu item for an o^ga^i^ation that loads up a site for 
creating tickets. But it is imporumt to note that authentication is 
required for each URL sent. Therefore* administrators scripting 
against Web Help Desk will want to assume tasks will lie 
performed on behalf of a common user, an issue in some 
environments. In addition to simply authenticating users to the 
server, scripts can also be used to generate tickets in Web Help 
Desk. 

To create tickets, the /helpdesk^WebObjects/- 
Helpdesk woa/wa/createTicket will be appended to the base 
URL, Looking at the previous URL, the options that are provided 


begin witli the question mark (?) and are separated by 
ampersands (&). The options allowed include die following: 
User Settings: 

email: End user's email address 
last_name: End user's last name 
first_name: End user's first name 
user_name: End user's user name 
password: End user's password 

location: location of user (if none Is provided then the 
default locadon of the user is used) 

department: user's department name (if none is provided 
then the default department for the user is used) 

Ticket Setettings: 

problemjd: Ticket problem type id number (integer for 
PROBLEM_TYPE) 

priorityjd: Ticket priority id number (integer for 
PRIORITY^TYPE) 

subjea; Ticket subjen 

detail: Information to be placed into the ticket problem 
detail text field 

id; customerjd number (if using the hosted Web Help 
Desk, an organization ID will also be required, otherwise an 
option) 

If a script attempts to create a ticket for a user who does 
not exist then the user will be created. In tlds case one should 
always try to [irovide an email address, aldiough an account can 
be created even if there is no email address. This allows the 
automated creation of users using a looping script to, for 
example, create a ticket for them to provisitm their Web Help 
Desk accounts. 

Creating tickets is one of the more important task.s though. 
To do so is straightforward. .Simply use the same structure as the 
previously used command and make sure to use Unicode 
appropriate characters (spaces are not allowed). The following 
command would create a new ticket for Charles Edge, at my 
home, with an email address of 
enduser@enterprisedeslttopQlliance.com with a problemjd of 2 
and a priority-_id of 4: 

open 

http: / /mydomalri. coan/helpdesk/WebOb j ects/ Helpd esk. woa/wa / creat 
eTlcket?prDblem_id=2&priorlty_id^4&subject^New%20Laptcip£idGtal 
1=My% 2 0 Wind ows ONe t b ook%2 01s%2 Oh e avy & email=endus erSenterprls 
ede5ktopalHaTice.coni&fli:st_naKie“Charles4last_name=Edge&locati 

aii=HoiiiE 

We were again using the open command; however, the curl 
command could also be used. Keeping the entire transaction 
within a script and not actually opening a browser window is 
often times l>est w'hen working widi these sorts of tasks so as 
not to confuse users. Additionally, perl, pyUion, Visual Basic, 
.Net and practically every other scripting environment is going 
to allow' handling URLs in a far more graceful manner than 
using the open command (but it makes for a easy example). 

Once created* the client’s ticket history page is returned* 
with a measage acknowledging the new- ticket. This message 
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could be used to genemie a response eitlier to a script or to an 
application. If an error occurs the login page is returned, with 
a messaging describing the error. If the specified e-mail address 
cannot be found in the CLIENT table, an attempt is made to 
create a new client account (see notes below). 

Conclusion 

Most software packages used by System.s Administrators 
have an API of some sort. Those referenced in this article are 
interacting with Web Help Desk, Centrif^, ExtremeZ-IP and 
Absolute Manage using different methods in order to showcase 
the different features of each. However, what we have done is 
really ody the tip of tlie iceberg. There are no limits to what 
you can do when it comes to extending the functionality of 
software when there is a strong business case for doing so. 

When costs are justified, many will look at the least 
expensive options for scripting. Expense can mean a variety of 
things. It tran mean, expense in terms of CPU or RAM 
utilization, ii can mean expense in terms of time required to 
program a given solution or it can mean expense in tenns of 
actual cost. These three do no always line up accordingly. But, 
you will often find that ccxling something in bash is going to 
come with limitations, lioth in terms of scale and resource 
utilization faster than going more direct to the application, as is 
made possible by wTiting a tool in WMT or PowerSheh. Having 
said this, WMl or PowerShell are going to have a far steeper 
learning cur\^e, 

Whichever you ch(X)se, take these examples and build on 
them. If Features that you need aren’t referenced, review the 
documentation links provided or contact the vendor and let 
them know' whai you w'ould like to do and see if someone else 
has already done it. While we discussed throughout this article 
the fact that environments are often very different, it just so 
happens that rarely are any of us going to tr>^ something that 
hasn’t been done before. If something has been done, then 
there is no reason to reinvent the wheel. Take that time you 
would be doing so and have a little fun. You deserve it (if only 
for having made it all the way through this article). 


\\\\ 
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The SQLite DB and iOS 



I 


Introduction 

This article will show you how to use the SQLite database 
from a LINIX shell and how to program it for iOS applications. 

Because the programming interface to the SQIite database 
is written in C and Objeaive-C is a superset of C, it is easy to 
make use of SQLite into your iPhone projects. 

After reading this article, you will be ready to understand 
the advantages of SQLite3 and programmatically use the SQLite3 
database either from the UNIX command line or your iOS device. 

At the time of writing this article the latest SQLite version is 
37.3 and the latest Mac OS X version is 10.6.5. 

Introduction to the SQLite DB 

SQLite does not offer autlientication or audiorbiation. UNIX 
file permissions (using the chmod command) are used in order 
to determine die tiiree SQLite-supported access levels; read/write 
access, read access and no access. 

Also, SQLite is not suitable for very large datasets even 
tliough mcxlern filesystems support files with sizes bigger than a 
terabyte. 

Lastly, SQLite does not support repUcation-you can backup 
a database by simply copying the databa.se file! 

The advantages of SQLite are tlie tallowing; 

It has great performance. 

It is reliable. 

It is portable. 

It is self-contained (the main reason that it was embedded 
for iOS). 

It has a small runtime footprint - small size as weU as 
smaU memory usage. 

You do not need a GUI to use it. 

You do not need to setup/start a server process to use 
SQLite. 

Supports the query languages features of the SQL92 
standard. 

Using the SQLite DB from the 
Terminal 

First of all, let me tell you the reason you need to learn how 
to use SQLite from the Mac OS X command line: you can easily 

80 MAY • 2011 


create a database and copy it inside an iPhone Xcode project in 
order to use it from your iPhone application! 

The simple database that you are going to create in this 
section is going to be used in the forthcoming sections of this 
anicle. 

The following are the most important operations that you 
should know' when using an SQLite database. 

Creating a database 

The following command will create a new database {by 

simply creating a new file) if die file does not already exist; 

% 3qlite3 testSQLitye.dh 

SQLite version 3.7.3 

Enter ”.help" for instructions 

Enter SQL stateiDErsts terminated witli a 

Deleting a database 

In order to delete a database, you only have to delete the 
relevuni file. In our case the follow^ing command will be enough; 

$ rm testSQLite.db 

Creating a table 

After creating a database and running the sqlite3 command, 
you wall have to type the following in order to create a new^ table 
called lest. 

sqlite> create TABLE ""test" [ '^Satne*' TEXT, ■"Surname'' TEXT) ; 

The simple table called test ha.s two fields caUed Name and 
Surname, both of them having the TEXT type. 

Inserting data into a table 

The followang three commands insert three entries into our 
test table. 

aqiite) INSERT INTO test ("Name". "Surname”) 

VALUES ("Mihails”. "Tsoukalos”): 

fiqllte) INSERT INTO test ("Name”. "Surnaine”) 

VALUES ("HacTech^t "Magazine"); 

sqlite) INSERT INTO test ("Name". "Surname”) 

VALUES ("Edvard". **Marcz3k"); 

Displaying the data of a table 

The foUowing command will display the data that the test 
table has. 
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sqlite) select * from test; 

Mihails Tsoxikalos 
MacTech Magazine 
Edward jMarczak 

Please consult the Web Links and Bibliography section of 
this article for more resources about both SQLite3 and the SQL 
language. 

Programming the SQLite DB Using 
Objective-C 

First of all, Forget the title of this section! The truth is that 
you will need some C (because SQLite's API is written in C) to 
program the SQLite DB. 

The critical side effect of this fact is that you will not be 
able to use NSString objects (that are needed for iPhone 
programming) to pass data to the SQLite DB because C knows 
nothing alxiut NSString objectsl 

So, you will have to wrap C code inside your Objective-C 
code that is required to “manually’' convert your C strings (that 
are actually C cbamcier poiniers (char *)) into Objective-C 
NSStiing objects and vice versa in order to exchange 
information between the two programming languages. In order 
to convert a NSString object into a C siring, you need to use tlie 
ITFSString method of the NSString class and the 
initWUbUlTSStnng method in order to do the reverse thing. 
The example code is the following: 

#iinport <Foundaticin/Foundation.h> 

^fimpart <sqlite3,h> 


// Progcamnjeri Mihails Tsoukalos 
// Date: Monday 25 October 2010 
// 

// This Is an example program of using 
// SQLite using Objective-C 
// 

// Compile it with the following conimand: 

n 

// gcc -framework Foundation EQLiteExample.m -o 
SQLiteExample -lsqlite3 
// 

int main {int argc, const char * argv[]] 
f 

HSAutoreleasePool * pool “ [ [NSAutoreleasePool allot] 
inltj ; 

sqliteS 'database; 
sqIite3_Btmt "statement; 

NSString "filePath = @"testSQLite*db”; 

//A File Manager for file operations 
NSFileManager *fin ^ [NSFileManager defaultManagerj : 


ii Chock If the database file already exists 
BOOL exists ^ [fm fileExistsAtPath:fllePath] : 

if (exists) 

NSLog(^''Database file exists!"); 
else 
( 

NSLog(@''Database file does not exist. Quiting...") 
return 1; 

1 
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const char 'cfilePatJi = [filePath 
c St rin £Usin gEnco ding:NS UTF8 S tringEn c o dlng]: 

if C sqHtei_open(cfilePath* &database) != SQLITE_0K ) 

[ 

NSLogfe'Xanngt open database!"): 

flSLog(@"Quitiiig..."): 

rettirn 2; 

1 

else 

NSLog[S'Xatabase li® openedl"^ filePath); 

// The cStatement has to be converted 
U into a s(3lite3_stiiit. 

const char ’cStateraent = "SELECT * FROM test"; 

if Csqlite3_prepare(database, cStatement, 1. ^statement, 
NULL) !“ SaLITE„0K} 

I 

HSLog(^"Error preparing cStateraent); 

NSLDg(e''Qiriting..*"); 

return 3: 

] 

while (Eqlite3_step(statement) =“ SQLITE_ROW) 

f 

// Read a C string 
const char *cName = (const char *) 
sqlite3_colinim_text (statement» 0): 

// Convert it to NSStting 
NSString *nanie = [nKSString alloc] 
InltWithUTFSStringtcName] autorelease]: 

// Read a C string 

const char ‘cSurname (const char *) 
sqlite3_coliJ0in_text(statement* 1): 

U Convert it to NSString 
NSStting ‘'surname ■ [[[NSString alloc] 
initWithUT F8 S t rin g:c Surname] 
autorelease]; 

// And now. lets display the data 

NELog{@"name = and surname = name, surname); 


following (depending on ihe data that you put inside the test 
table): 

2010-11-13 21;09:17.327 SQLiteExample(79781:903l Database tile exists! 
2010-11-13 21:09:17.331 SQUteExamplel79781:903) Database 

testSQLite.dh opened! 

2010-11-15 21:09:]7.331 SQUteE\ample[79781:905] name = Mihalis and 
.surname = Tsoukalos 

2010-1 M3 21:09=17332 SQUteHxample[79781:903] name = MacTedi 
and sumnme - Mngaxine 

2010-11-13 21:09:17.332 SQLiteExample|79781:903] name = Edward 
and surname = Marchuk 

The sqlite3^'inalize0 routine destroys a prepared 
statement created by a prior call to sqliteSj^repawQ. Every 
prepared smtement must be destroyed using a call to this 
routine in order to avoid memoiy' leaks. If you do not execute 
tlie sqiiteJlfuilizeO routine you will get the “unable to close 
due to unfmalised statements" error. 

Using the SQLite DB from the 
iPhone 

The fist thing dial you need to do is to manually create an 
SQLite database file using the Terminal application. 

Then, you need to copy that file into the Resources of the 
application. 

Please do not forget to save a copy of the datal>ase file if 
case you want to edit it later. 

Last, you will need to add the libsqlite3 -dylib file to 
your project. The libsqliteS. dylib file is a link that points 
to the latest version of the SQLite3 libraiyL If you do not add the 
libsqlite3.dylib file then you will see an image with 
error messages similar to Figure 1 and the compilation process 
(actually the linking part of it) will fail. 


// Clear the query results 
sqlite3_reset(statement); 
sqllte3_finali2e(statement): 

// Now close the database 
sqlltel^cloEe(database): 

[pool release]; 
return 0: 


As I say inside the objective-C code, in order to compile It 
you need to run the following command from the Ternunal 
application: 

$ gcc 'framework Foundation SQLiteExample.m -o SQUiteExainple 
-IsqliteS 


The -IsqliteJ parameter tells the gcc compiler to link the 
sqlite3 library when compiling tlie Objective-C code. 

The -frameu)ork Foundation parameter tells the gcc 
compiler that the code to be compiled Is written in the 
Objective-C programming language and therefore needs to be 
linked with the Foundation Objective-C library. 

So, if you run the executable (that will be called 
SQIJteExample because of the -o parameter) you will see the 
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Figure 1: Compilifig without linking to the SQLite library 
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Tlie process to add a library is the same as adding a 
Frametvork and is as follows. In Xcode: 

Select ""Fmmeu^orks'' from the ""Group & Filef pane and 
right click on it. 

From there, select “A/r/ and then ""ExistingFrameworks../' 
From the really big list (figtire 2), select libsqlUe3^dyUb 
(which is the same as selecting Ub&qlUe3.0.4ylib) and click add. 
build and Run your project! 


Figure 2; Adding the libsqliteSJylib library 


An iPhone application that uses 
SQLite 

This is the interesting part of the article where we stop 
talking theoretically and start doing some practical things. You 
are going to make a complete iPhone application that uses 
SQLite. Xcode wall be used for writing and compiling the 
application. 

Also, if you want to run the application using your iPhone 
and not tlie iPhone Simulator yoti will need to go to the iOS 
Dev Center and enroll to die iOS Develoi>er Program. I am 
currently using iOS 4.2.1 on my iPhone 4. 

The iPhone application that this article is going to program 
will display the contents of the test table (created in a previous 
section of tills ardcie). You can download all the classes from 
ftp://ftp.mactech.com. 

First of all, create a new iPhone project From the existing 
Application templates. Choose “Navigation-based Application" 
as you can see in figure 3. The name of die application will be 

DBapp. 



Figure 3: Creating a new Mavigation-based Application 

In order to Ije able to re-use some of the presented code 
in cither projects, a separate class that deals with the SQLite 
database access will he introduced. Tlie class will be called 
DBObject and will be implemented in tw^o separate files, the 
DBObject.h file that contained the class declaradon and the 
DBOjecl.m file that contains the class implementation dial is a 
standard Olijective-C practice. 

In order to include the DliQject class in your project, you 
wall have to go to "FiJe"->"New File" and then select “Objective- 
C Class” from the "Cocoa Touch Class” group. 

The DBObject, li file is straightforw^ard: it has one variable 
tliai holds the database connection and three class methods that 
are going to be implemented in the DBOject.m file. 

You should alw^ays check tlie for the SQLrfE_OK return 
value to make sure that everything worked successfully. If there 
is an error, you can show it as in the following piece of code: 

if [sqlite3_closeCdatabase) 1^ SQLITE_OK) 

( 

NSLog{©"Error: failed to close database: ‘%s' . 
sqllteS^erTinfl^Cclatabase)): 

J 

else 

f 

I^SLog(©'"Database connection successfully closed"): 

1 

The ini I function is automatically executed from the 
RoolVieu^ContmLm file using the following line of code: 

DBObject ^database = [[DBObject allocl initj ; 

The init function open.s the database connection and then 
fetches the data using the next line of code: 

self.data “ [database getData]; 

You can also use the following way in order to convert an 
NSString into a C string: 





f Add Other..D Caneej ^ Add 3 
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NSMutableArray *data; 


const char *cfilePath = [dbFilaSQ 

cSt ringUslngEncodlng:NSUTFaStringEncodingl: 

The cStringUsingEnc(Klmg methcxl of the NSString class 
returns a C string using a given enctxiing. 

You also need to add the SQLite database file^—named 
tesiSQLite.db—io your Xcode project. You should right-click the 
Resources folder and select "Add” and then ‘‘Existing Files''. You 
will then select the file and after than you will a figure similar 
to Figure 4, Please make sure that ‘"Copy items into destination 
group’s folder (if needed)" is selected. 


Figure 4: Inserting the database file to your Xcode project 


You will also need to create another class that will hold the 
data of each table row, 1 called it penon and it has two 
members {name and surname). You will need to create its two 
files, the include file (personM and the implementation file 
iperson.m). 

If you want to create your own iOS application you will 
need to adjust the person class (or even change its name!) in 
order to contain the fields that match your needs and your 
database tables. 

Also, you should alter the RootViewControlienh and 
RootViewController.m files. Their full contents are the 

following: 

// 

/ / RootyiewCoiitroller.il 

// Dlapp 

// 

// Created by Rihalis Tsoukalos on 15/11/2010. 

// Copyright 2010 yourCompany, All rights reserved. 

a 

#iiiiport <UIKit/UIKit,h> 

#import "DB01;y©ct.n” 

#lmpoPt “persori.!i” 

^interface RootVlewController : UITabieViewController 


©property {retain, nonatomic) NSMutableArray *data; 
ieod 

The contents cjf tlie RootVieufControl.b file are simplistic 
whereas the altered RooiViewControi.m file is more 
complicated. Neverilieies.s note that most of its code is 
automatically created by Xcode. The added code Ls in bold 
typeface. 

// 

/ / RootViewGoiitroller.in 
// DBapp 
// 

// Created by Mlhalis Tsoukalos on 15/11/2010. 

// Copyright 2010 yourCoropany. All rights reserved. 

// 

#iraport '"RootViewController.h" 


©imp1emeu t a tion Ro otViewCont roller 

if This completes tho ©property oommand 
if from the RootyiewController.h fOe 
©synthesize data; 

^pragma mark - 

i^pragna laark View lifecycle 

- (vold)viewDldLoad 
[ 

[super viewDidLoad]: 

if Uncommetit the following line to display an Edit 
button in the navigation bar for this view controller. 

if self.navigationltera-rightBarButtonltem * 
self,editButtonItem: 

DBOhject 'database - [[DBOhject allocl init]; 
seif.data =5 Idatahase getDatal; 

[database closeDBComiectloii]; 

[database release]; 


f/pragtna mark - 

if^pragma mark Table view data source 

// Customize the number of sections in the table view. 
- CNSInteger)numberOfSectionsInTableView:(UITableVlew 
'JtabieView [ 
return It 

1 


if Customize the number of rows in the table view. 
- (NSInteger)tableVlewi(UlTableVlew *}tableVlEw 
number OfRows Lei Sect ion: (NSInteger) section 

I 

return [seif.data comit]; 

I 


// Customize the appearance of table view cells. 

- EUlTableViewCell •)tabTe?iew:{UlTableVlew *]tableView 
cellForRowAtlndexFath: (NSlndexPath •)lnde3tPath f 


0.CopY items Irtto destination group's fofder (if needed) 


Reference Type: ( Default 

1} 


Text Encoding: [ Unicode (UTf-8) 



Q Recursively create groups for any added folders 
O Create Folder References for any added folders 

Add Tq^TargetS_ __ 

fi^Diaop 
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static KSStrlng ‘Cellldentifier “ @“Cell”: 

UITableViewCell 'cell ^ [tableView 
dequaueReusableCellWithldentlfier ^ Cellldentifier]; 
if {cell = nil) ( 

cell [ [[tJITableViewCEll alloc] 

InitWithStyle: UITable ViewCel IStyleDef aiilt 
reuserdentifler:GellIdentifier] autorelease ]] 

) 

i I Configure the cell. 

person* myPerson = [self.data otgeetAtlndex^IindexPath row]]; 
C6ll.textLabel.text = myPerson. surname; 

return cell: 

1 

#pragj!ia mark ■ 

ifpragtna mark Table view delegate 

- (void)tableView:(DITableVlew ')tableVlew 
didSelectRowAtlndexPath:(TJSIndexPath *)indexPath 1 

/' 

<#DetailVievController#> 'detailViewController = 

[ [<#DetailViewCcintroller#> alloc] initWithNibNaine:@'*<#Nib 
name^f)” bundle: nil]; 

// 

// Pass the selected object to the new view 
controller, 

[self,navigationControlle r 

puahVlewControlleridetailVlewController animatedlYES]; 
[detailViewController release]: 


/^pragma mark - 

pragma mark Memory management 

' [void)didReceiveMemoryWacning I 

// Releases the view if it doesn^t have a superview, 
[super didKeceiveMetnoryWarning] ; 

// Relinquish ownership any cached data* images, etc 
that aren't in use, 

I 

- (void)viewDidUnload I 

if Relinquish ownership of anything that can be 
recreated in viewDidLoad or on demand. 

// For example: self.myOutlet = nil: 


- (vold}dealloc 
1 

[super dealloc]: 

) 

@end 

If you have no typos, then by compiling and running the 
application you will see Figure 5. 

Also, the application only displays the stmiame column 
from the test table. This is done by using the following code: 

cell.textLabel.text = myPerson.surname; 



figure 5: The WApp is runningl 


You can further change die look of the application by 
customizing the LtlTabieVieuL 

Summary 

The simple application that was programmed in tliis article 
is a complete example of an iPhone application that uses tlie 
SQLite3 database. 

Its output is minima! but the presented code fully shows 
the use of SQLite3 using Objective-C and Xcode, 

SQLite3 is ver>^ efficient, uses SQL which is the standard 
language for creating, querying and changing databases and is 
embedded in every iPhone and iPad. What else can you ask? 
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building block for most /n software products. 

Corpponents ■ IPMonitor, MX. f?ESX NetCoae, fiSS, mTP, SMPP POP, 
f?exeo, Systog, SMm WePOav, SOAR mpp Te/net, Ping, TFTP, 
HierMaUer, UDPPnn, HTMLMailer, WePForm, NetCfock, WebUpioad, flCR 
Whom, FTP, XMLp, HTTP, SNPP, iMAP, MIME, Ipinfo, IPDaemon, tPPon, 
NetDisl, LDAP, iCMPPon, MCasr, TraceRoute 

Network Management 

• IP'Works! Secure SNMP 

A comprehensive toolkit for building Secure SNMP-based agent and 
meriager applications including advanced SNMPv3 security features, 
trap handling, and ASN-1 MIB compilation. 

Components- SNMPWgeot. SWMPMgf> SNMPJfapMgr, Miberowser 

File & Streaming Compression 

■ IP*Works!Zlp 

Suite of easy-to-use, fast, effective components for compression and 
decompression with advanced features including seif-extracting 
archives, industrial strength AES encryption, and Zip64 archives. 
Components - GZ/p, Tar, Jar. Zip. Z/pStneam 


Secure Connectivity & E-mail Confidentiality 

■ IP*Works! SSL 

SSL-enabled versions of the components In the core IP* Works! 
package. 

Components - WePFormS, LDAra, WabUpioaPS, RFS75, JViVTPS, 
iPDaemonS. POPS, FTieMa/ierS, SOAPS, ^iTMLMaJiefS, Telnet^ HTTPS, 
FTPS, iMAPS, SMTPS, (PPortS, CertMgr, RSSS, SMPPS, WebDavS, XMPFS 

■ IP’^Works! S/MfME 

Components for E-mall and file confidentiality, authentication, and 
non-repudiation through encryption and digital signatures. 
Implements the 3/MIME standard for digital security. 

Components - CenMgr, SNWTR SPOR SIMAP, SSM7P, SMIME, SFWeMaiter 

« irWorkslSSH 

Secure Shell (SSH) enabled client communications components 
supporting strong encryption and advanced cryptography A 
highly-evoived code base, enhanced with enterprise features like IPv6 
addressing and 64-blt support. 

Components - SFTR SSheW, SExec, SSHCJfent, SS^Fynnet, CertMgr 


COCOA FRAMEWORKS FOR INTERNET BUSINESS 



Built using the same technologies as our award-winning IP* Works! product line, these packages offer native components for 
Credit Card Processing, Online Payments, E-Banking, Shipping & Tracking, and more! 


QuIckBooks Integrator 

■ E-Payment Integrator 

■ E-BankJng Integrator 

■ TSYS Integrator 


■ Paymentech Integrator 
4 FDMS integrator 

» FedEx Integrator 

■ USP Integrator 


■ USPS Integrator 

■ PayPal Integrator 

■ Amazon Integrator 

■ SFiarePoint Integrator 


GET THEM ALL THROUGH OUR COMPREHENSIVE RED CARPET SUBSCRIPTION. $1,499 PER DEVELOPER. ROYALTY-FREE. 20% DISCOUNT FOR MACTCCH SUBSCRIBERS. 










Management 



Supporting laptops in a managed enviromiient is tricky 
(and doubly so if you allow them to be taken off your 
coiporate network). While you can be reasonably assured that 
your desktops will remain on and connected during the 
workday, it's not uncommon for laptops to go to sleep, change 
wireless access points, and even change between an Etiiernet 
or AirPort connection several times during the day. It's 
important to have a tool that can ' tweak" certain settings in 
response to these changes. This is where crankd comes in. 

Crankd is a cool utility that's part of the PymacadiTiin 
(http://code.google.eom/p/pymacadmin/) suite of tools, co- 
authored by Chris Adams and Nigel Kersten. Specifically, 
crankd is a Pythtjn daemon that lets you trigger shell .scripts, 
or execute Python methods, based upon state change.s in 
SystemConfiguration, NSWorkspace and FSEvents. It's easier 
to see how crankd can help you by providing a couple of 
scenarios: 

Use Cases 

L Your laptops, like all of the other machines in your 
organization, are bound to your corporate LDAP servers. 
When they're onmetwork, they wall query the LDAP 
servers for things like autlientication infonnation. Unless 
your corporate LDAP directory is accessible outside your 
corporate network, your laptops may exhibit the “spinning 
w^heel of death” when they attemj>t to contact a suddenly- 
unreachable LDAP directory at the neighborhood 
Starbucks. A solution to this is to remove tlie LDAP servers 
from your Search (and Contacts) path whenever the laptop 
is taken off-network and add the LDAP servers when yt)u 
come back on-network. 

2. Perhaps you're using Puppet, Munki, Chef, StarDepk^y, 
Filewave, Absolute Manage, Casper, or any other 
configuration managemeni system that needs tc3 contact a 
centralized server for configuration information. Usually 
these tools will have your machine contact their servers 
once an hour or so, l7ut this can be a problem if the 
machine is constantly sleeping and waking (such as 
Laptop Cart Labs or demonstration machines), Plus, if you 
lake y{)ur machine off-network, you don't want it trying to 
contact a server that might not be reachable from the 
outside world. It would be nice to have your laptop 
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“y>hone home" w^hen it establisfies a network connection 
on your corporate netwodc and skip this step when the 
laptcjp is taken outside your organization. 

3. OS X allows y(3U to set a preferred order for your network 

conneciicms, l^ut it would be nice to disable the AirPort 
wdien your laptop e.stablisKes an Ethernet connect!tjn on 
your corporate network, 

4. Finally, maybe you have the need to perform an action 
whenever your laptop sleeps (or w^akes), changes a 
network cc^onection, mounts a volume, or runs a specific 
Application (whether it’s located in the Applications 
directory or anywhere else on your machine). 

All of these situations can be made trivial through the help of 
crankd. 

How do I get it working? 

Crankd is a daemon, so it's running in the background 
while you work. It uses an XML plist file thai lists the scTipLs 
(or Python methods) that crankd should execute in response 
to specific state changes ( like a network connection going up 
or down or a volume being mounted), Since it's a small 
Python library, tlie files aren't huge and the entire finished 
in,stallation is around 100 Kb (or larger with your custom 
code/scripts). Let's down load crankd and experiment with its 
settings: 

1. Dowtiioad the Pyitiacadmin source. You can do this 
through Go( 3 gle Code or Gilliub -1 recommend the Githtib 
method as it seems to currently be a new^er version. You 
have iw'O choices for downloading the .source code: you 
can either navigate to 

http://github.com/acdhQ/pymacQclmin, click the Downioad.s 
button, download either the ,!angz or the .zip version of 
the source code and double-click on the file to expand it 
(which should open a folder named acdha-pymacadmin- 
Kcombination of 7 numbers and leUers>), or you could use 
gir to check out a version of the Pymacadmin repository 
with the git checkout 

https://github*coni/acdha/pymacadinin,git 
pymacadmin command (Do note that git needs to be 
installed on your computer as it doesn't come natively 
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with OS X, There is a Mac installer that can be downloaded 
from hitp://code.goog!exom/p/git-osx-installer/). 

2, Install crankd. Upon opening die pyraac'admin folder, you 

should see a series of folders, readme files, and an 
install-crankd.sh installation script. Let's open 
Terminal a pp and navigate to the pymacadmin folder that 
we expanded on our desktop (you can type cd into 
Terminal.app and dien drag and drop the folder into the 
Terminal window'. Hit the Return button on yoiir keyboard 
to change to the directory). The install-crankd.sh 
script is executable, so run it by typing sudo 
./install-crankd. sh into the Terminal window and 
hitting Return. Enter your password when it prompts you. 

3. Setup a plist file for crankd, Crankd uses an XML 
configuration plist to determine which state changes to 
monitor and which scripts or Python methods to execute 
in response to these state changes. If you’ve never worked 
with crankd before, it’s best to let it create a sample 
configuration plist for you. If you don't specify a 
configuration plist with the —config argument, or you 
don’t have a com.googlecode.pyniacadmin.crankd. plist file 
in your /Users/<u5emame>/Library/Preferences folder, 
crankd will automatically create this sample plist for you. 
Let’s do that by typing sudo 
/usr/local/sbin/crankd.py into Terminal and 
hitting the Return button. Take a look ai the sample 
configuration plist file it will create (located in your 
/Users/<username>/Library/Preferences folder) : 

com.googlecode.pymacadmin.crankd.piisi 

<7xml version*”! ,0“ encoding”''UTF^8"7> 

<1D0CTYPE plist PUBLIC "■//Apple Computer//DTD PLIST 
1,0//EN*" ‘'http: //ww. apple.com/DTDs/PtopertyList-1 ,Q.dtd"> 
<plist version=”l.0"> 

(diet) 

<key>KSWDrkspace</key> 

<dict> 

<key>NSWorkspaceDidMountMot±ficatlon</key> 

<dict> 

< k ey > c oramand </key> 

(string)/blti/echo new volume was 
mounted!"(/string) 

(/diet) 

<key>NSWcirkapaceDidVakeNotification(/key> 

(diet) 

(key )c otimiand</key > 

<string>/bin/echo “The system voke from 
sleep!"(/string) 

(/diet) 

<key)NSWorkspaceWlllSleepNotification(/key> 

(diet) 

(key>c ommand </key> 

(string)/bin/echo "The system is about to 
sleep!"</string) 

(/diet) 

(/diet) 

(key>SystemConfiguration</key) 

(diet) 

<key>State:/Netwotk/Global/IPv4(/key) 

(diet) 

(key>c ommand(/key> 

(gtring>/bin/echo "Global IPv4 config 
changed"(/string) 

(/diet) 

(/diet) 


(/diet) 

(/plist) 

This XML file has two main keys - one for NSWorkspace 
events (such as mounting volumes and sleeping/waking 
your laptop), and one for SystemConfigurarion events 
(such as network state changes) followed by a key for the 
specific event that we’re monitoring, a key specifying 
whether we’ll be executing a command or a Python 
method in response to this event, and a string (or an array 
of strings, as we’ll see later) specifying die actual conunand 
that's to be executed. For all of the events in the sample 
plist, we're going to be echoing a message to the console. 
4. Start crankd. Once crankd has been installed and your 
configuration plist file is setup, you’re ready to let crankd 
monitor for state changes. Let's start crankd with the 
sample plist that was created in the previous step by 
executing sudo /usr/local/sbin/crankd.py — 
config=/Users/<username>/Library/Preferenc 
es/com.googlecode.pymacadmin-crankd.plist 
in Terminal. Remember to substitote your username for 
<username> in that command (if you don’t know your 
username, you can type whoami into Terminal and hit the 
Return button). If everything was executed correctly, you 
should see the following lines displayed in Terminal: 

Module directory /Userfi/(usettiame)/Library/Application; 
Support/crankd does not exist: Python handlers will need to 
use absolute pathnanes 

IKEO: Loading configuration fro® 

/Users/(use rnanie)/Libra ry/Preferences/cam,googlecod e.pyraac a 
dmln.crankd.plist 

INEO: Listening for these NSWorkspace notifications: 
NSWorkspaceWillSleepNotifloation, 

NSyorkspaceDidWakeNotifIcation, 

KSWorkspaceDidMoimtNotlficatioa 

INFO: Listening for these SystemConflguratlon events: 
State:/Network/Global/IPv4 

It might look like Terminal isn't doing anything^ but in 
actuality crankd is listening for changes. You can make 
crankd come to life by either connecting to (or 
disconnecting from) an AirPort network, sleeping/waking 
your machine, or mounting a volume (by inserting a USB 
memory stick, for example). Performing any of these 
actions will cause crankd to echo messages to your 
Terminal window. Here's the message i received when I 
disconnected from an AirPon network: 

INFO: SystemConfiguration: State:/Network/Giobal/IPv4: 
executing /bin/echo "Global tPv4 config changed" 

Global lFv4 config changed 

To quit this sample configuration of crankd, simply hold 
down the control button on your keyboard and press the 
“c” key. Congratulations, crankd is now^ up and running] 

A more complex example 

Let's look at a scenario that is close to my heart. I run 
Puppet (http://www.puppetlabs.com/puppef) to manage all of 


M^cnai 


Adaptive Laptop Management with crankd 89 



our district's server, desktop, and laptop machines, and T 
would like to call Puppet anytime a laptop establishes a 
network connection inside our corporate network. This 
example will show how a P^^lhon method can be executed in 
response to a network state change. There are 3 main parts to 
my solution: 

A crankd plist file that specifies which state changes we're 
monitoring and which Python methods to execute in 
respcmse to those state changes. 

Python code to execute in response to the network state 
change. 

A launchd plist that will keep crankd running. 

The crankd Plist File 

We need to generate a plist file to identiiy wliich state 
change we’re monitoring and exactly what action we should 
take when this state change occurs. 1 would recommend 
monitoring the State:/Network/Global/IPv4 System 
Configuration state - this covers any IPv4 interface on your 
system. You COULD monitor each BSD interface separately 
(with the State :/Network/lnterface/enO/IPv4 and 
Stafe:/Network/Interface/enO/rPv4 keys), liut you w^ould then 
need logic to determine which BSD interface (such as eiiO and 
enl) corresponds to each network interface (such as Ethernet 
or AirPort). The entire plist file .should look like this: 

crankd-config.plist 

<?xml verslon="1.0” encodlng^^UTF-8"?> 

<ID0CTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" 

"http://www.apple.com/DTDs/PropertyList-l.0.dtd"> 

<pllat version""!-D”> 

<dict> 

<kGy>SystemConfiguratioD</key> 

<dict> 

<key>State:/Netwprk/Global/IPv4</key> 

<dict> 

<key>inethDd</key> 

<array> 

<strijig>CrankTools</string) 
<strir3g>DnNEtworkChange^/string> 

</array> 

</dict> 

</dlct> 

</dict> 

</plist> 

main difference between this plist file and the 
automatically-generated crankd plist file is that we're not 
executing a scrip! in response to the 
State:/Nctw^ork/Global/IPv4 state change. Instead, we’re using 
the method key which tells crankd that weVe going to be 
executing a Python method. The next two .string values are the 
specific Python class and method that should be executed in 
response to this state change, Finally, let’s name this file 
crankd-config.plist and place it into the /Library/Preferences 
folder (NOT the /Use r5/<username/Ltbrary/P references 
folder). 


The CrankToois Python Class 

The CrankToois class will be where all the Python magic 
happens. This class will contain code to check if the laptop is 
on or off-network, code to call Puppet, and the specific 
method that will be called from crankd. It's VEHY 
IMPORTANT that the name of the file matches the classname 
that was used in the crankd-config.plist file (this must match 
down to spelling and case). Because we specified CrankToois 
in the crankd-config.plist, the file must be called 
CrankToois.py. The method name is equally as important as 
the class name. Make sure that an onNetworkChange 
method exists in your CrankToois class (and that its spelling 
and case match with the crankd-config.plist file). When your 
Pydion class file is complete, make sure to save this file into 
the /Library/Application Support/crankd/ folder. 

The first method, called onNetworkChange, will either 
call die executePiippet method if ids determined that we’re 
on our corporate network (via the onTheNetwork method), 
or do ncjihing (if we’re off-network). You can add complexity 
as you become more comfortable, but for now weYe keeping 
it .simple to demonstrate the process, 

The onTheNetwork method is going to be specific for 
every environment. Only you will know the best way to 
detennine whether you’re on your coq:)orate network. For this 
demonstration, I'm going to use the /usr/sbin/scutil —r 
<hostname> coimnand to try and access a machine that’s 
only accessible when I’m on my coqiorate network. 

Finally, the executePuppet method is going to call a 
Puppet WTapper-scripit (yusr/hin/puppetd.rb) because Puppet 
lia.s its own complexities and checks. 

Here is what my CrankToois,py file looks like: 

CrankTools.py 

_^author_ = ‘Gary Larlzza {gary^huronhs.com)' 

_version_= ‘Q.l’ 

import sysiog 
import subprocess 

sys!og.openlog("Cr3nkEi'’J 
^PUPPETD - ‘/usr/bin/puppetd.rb' 

_SCUTIL = '/usr/sbin/scutil -r odm.huronbs*coni' 

class CrankToois0: 

def onWetworkChange(self. 'ergs. **k\tfargs)j 

‘Triggered when a "State;/Nctwnrk/Globiil/lPv4'’ change 

occiii-s. 


if self .onTheNetv?ork() : 
self.executePuppet() 

def ExecutePuppet(self); 

""“Simple utility function that calls puppet via .subproccss. 
I'he _PUPPE1'D variable i.s set globally and corre.^pODds to 
iny puppet wrapper script, 

AigumenLS: None 
Returns: Nottiing 

syslog.sy3log(syslog.LOG_ALERT, "Performing a Puppet 
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Run. ") 


comiiiand =? [_PUPPETD] 
task = subprocess, Popen (cominand . 
stdout=subprocess.PIPE. stdert^subprocess.PIPE) 
task*coramunicate 0 

def onTheNetworkfself): 

“"“This function will check to see if we are on (.>ur 
coqttorate network. 

Arguments: None 
Ueiurns: 

Kither 'I'aie or a blank string de|>emiing on if we locate 
the desired host. 


eenmiand =■ subprocesE .FQpen(_SCUTIL, sbell^Ttue. 
stdout=stibprocess.PIPE.) 
netcheck = 

command*conimunlcate(} [0] . rstripO *split (" , ") 

for status in netcheck: 

if status = 'Reachable': 

syslog*syslog(syslog.LOG„ALERT. “We are on- 

network . ”) 

return “true" 

syslog. syslog(sysLcig*LOG_ALERT. "We are off- 
network*") 

return 


A Launchd Plist 

To stiirt crankd whenever the computer is turned on (and 
to run it as the root user), we’re going to be using a launchd 
plist file that’s put into /Librar>^/UunchDaemons. Launchd 
plisrs are fairly easy to setup - take a look at this sample file: 

com .googlecode^ crankd.plist 

<?xEiI version=“ 1.0“ encoding’="tlTF-B "?> 

<[D0CTYPE plist PUBLIC /Apple//DTD PLIST i*0//EN” 

"http://www*apple,com/DTDs/PropertyList-l.O.dtd"> 

<plist version'""!, O") 

<dict> 

<key>KGepAiive</key> 

<true/> 

<key>LabeK/key> 

<string>coni. googlecode * crankd . plist</st ring) 
^key)ProgramArguiiienta</key) 

<array> 

<strlng)/uEr/local/sbin/crankd.py</string> 
<string>“config=/Library/Preferences/crankd- 
config.pliat</string> 

</array> 

<key>RunAtLoadC/key> 

<true/) 

</dict> 

</plist> 

If we deconstruct diis plist file, we can see dial it’s 
running the command /usr/local/sbin/crankd.py 
-config=/Library/Preferences/crankd- 
config.plist whenever the computer is started. If the 
command is ever slopped (whether killed from the command 
line or via Activity Monitor), launchd will fire off another 
instance immediately (as long as this launchd plist is active). 
MAKE SURE that youVe tested out your crankd setup before 
you start this launchd plist. If your crankd setup has any 
errors, launchd will continually restart crankd.py until you 


unload the launchd plist (you can load or unload launchd 
plists with the command sudo /bin/launchctl load 
/Library/LaunchDaemons/<name of your launchd 
plist f ile> - just substitute unload for load if you want to 
unload the plist). 

Testing crankd 

Now comes the time to test your crankd setup. There are 
MANY things that can go wrong (errors in your Python code, 
typos in your configuration plist files, logic errors, etc...), so 
it’s very inipoiTant to test crankd with EVERY possible state 
change you’re moniujring. Just open a Terminal window^ and 
execute sudo /usr/local/sbin/crankd,py — 
GOTifig = /Library/Preferences/crankd- 
config -plist to test crankd from the command line. A 
GREAT feature of crankd.py is that it will reload itself any 
time a configuration file or monitored script/Python method is 
changed. This means that you don’t have to kill and reiaunch 
crankd.py every time you make a change to your 
CrankTooLs.py file (for instance), If you’re running crankd.py 
from the command line, you can always use the print 
command in your Python code to debug sections of your code 
that might be causing errors. I highly recommend writing to 
the system log any time your Python code is making changes 
to the system. Not only w^ill you be able to track changes 
centrally if you aggregate your log data, but you’ll be able to 
trace back logic errors in your system logs. 

Where to go for help 

Crankd is a part of the Pymacadinin suite of system tools. 
Pymacadmin maintains its own google group at 
http://groups.google.com/group/pymocadmin - .so feel free to 
post questions for the good of the order. My personal blog 
(http://glarizza,post6rous.com) has a couple of entries on 
crankd, and you're w^elcome to check my Puppet repository 
on Githul) for the exact crankd code that I use on my 
machines (https://gifhub.com/huronschools/Huron-Cffy-Schools- 
Puppet-Repository/tree/master/files/crankd). Good luck and gel 
cranking! 
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VMware View 
Client for iPad 

Windows on iOS—fo go! 

by Dennis Sellers 


VM ware's VMware View Client for iPad 

(http://www.vmware.co3n/products/view) enables users of the 
Apple tablet to access their virtual Windows desktops, 
applications and data from just about anywhere. It's 
available for free at the Apple 
App Store and is optimized for 
the iPad's high-resolution Multi- 
louch display 

VMware View Client for 
iPad makes it easy to access 
your Windows virtual desktop 
from your iPad on the Local 
Area Network (LAN) or across a 
Wide Area Network (WAN). 

Since desktops are tied to users 
and not devices, desktops 
“follow” the user from device to 
device. 

The new VMware View 
Client is the first iPad app to 
deliver Windows-based virtual 
desktops while taking 
advantage of the PC-over-IP 
(PCoIP) display prolocoL On 
LAN or WAN connections, VMware View with 

PColP delivers a high performance desktop experience, 
even over high latency and low-bandwidth connections. 

Custom gestures on the new' VMware View Client 
enable navigation around the virtual desktop by taking 
advantage of iPad's Multi-Touch display, An on-screen track 
pad lets users leverage a more traditional niou.se interface 
with the iPad's keyboard for text input. 

VMware View offers Security Server support for PCoIP 
allows for a secure remote connection and authentication to 
a user’s Windows desktop over WiFi or 3G neworks, The 
alnlity to select and connect to a list of recently connected 
desktops simplifies reconnection. 

Support for the iPad Keyboard Dock and Bluetooth 
keyboards lets you input text with a physical, rather than 
virtual, keyboard, when you wish. The iPad VGA connector 


allows you to connect to an external monitor. VMware View' 
Client for iPad supports iOS 4.2 and iOS 4.3. 

Serving families in Southern California, Children's 
Hospital Central California recently deployed VMware View 
” a Window’^s compatible, client desktop product that 
provides remote desktop capabilities to users using 
VMw^are's virtualization technology — to provide “Follow- 
me Desktops" that move from room-to-rooni with clinicians 
and staff as they treat their patients. The hospital has plans 
to deploy the VMware View Client for iPad. 

'The iPad could fundamentally change the way our 
clinicians and staff approach their IT needs/ says Kirk 
Larson, chief information officer, Children's Hospital Central 
California. "Now' with VMware View Client for iPad, our 
caregivers can have the freedom to access a patient's 
electronic medical records anywhere in the hospital via an 
iPad on a secure VMware View desktop. This could not only 

Improve patient care but may 
enable us to dramatically 
reduce costs and simplify 
device management.” 

VMware View includes, 
and is tightly integrated with, 
VMware vSphere, a 
virtualization platform. It's 
designed to allow users to 
simultaneously power on 
thousands of desktops 
without performance 

degradation, and extend 
business continuity and 
disaster recovery features 
from VMware vSphere to your 
desktops. You can use 
VMware View to, among other 
things, deliver desktops to 
remote and branch offices to 
accelerate provisioning while retaining control, 

Desktop and application virtualization breaks the 
bonds between the operating system, applications, user data 
and hardware, eliminating the need to install or manage 
desktop environments on end-user devices. From a central 
location you can deliver, manage and update all of your 
Windows de.sktops and applications. 

VMw^are Thin App application virtualization separates 
application,s from underlying operating systems. 
Applications packaged with VMware ThinApp can be run in 
the datacenter where they are acce.s.sihle through a shortcut 
on the virtual desktop, reducing the size of the desktop 
image and minimizing storage needs. 

Since VMware ThinApp isolates and virtualizes 
applications, multiple applications or multiple versions of 
the same applications can run on the virtual desktops 
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Plans starting at only $9.99 per month 

Sign up for a FREE 30 Day Trial Today! 

www.BenchmarkEmail.com 



800.430.4095 























Using Windows on the iPad presents some new challenges. 

without conflict. Applications are assigned centrally through 
the View Manager, ensuring that all user desktops are up-to- 
date with the latest application versions. 

VMware View Manager provides a single management 
tool to provision new desktops or groups of desktops, and 
an interface for setting desktop policies. Using a template, 
you can customize virtual pools of desktops and set 
policies, such as how many virtual machines can be in a 
pool, or logoff parameters. 

Based on the Linked Clone technology, VMware View 
Composer lets users create desktop images from a golden 


image. {A linked clone is a copy of a virtual machine that 
continues to share the virtual disks of its parents but 
basically runs of a snapshot, which preserves the exact state 
of the virtual machine when you create the clone). Updates 
implemented on the parent image can be pushed out to any 
number of virtual desktop quickly. With the core 
components of the desktop being managed separately, the 
process doesn't affect user settings, data or applications. 

You can maintain control over data and intellectual 
property by keeping it secure in the datacenter. End users 
access their personalized desktop, complete with 
applications and data, securely from any location, at any 
time without jeopardizing corporate security policies. End- 
users outside of the corporate network can connect to their 
desktop securely through the VMware View Security Server. 

Integration with vShield Endpoint enables offloaded 
and centralized ami-virus and anti-malware (AV) solutions, 
VMw^are View also supports integration with ESA SecurelD 
for 2-factor authentication requirements. 


About The Author 

Deank Severs is a long time joamoBst. He started in Hie newspaper 
business, but bus been in the oAe foumtiSsm buaness hr the past 
15 jreors. He’s the editor/pabSsber af Mmsiawm News 
(htip://wwwjmHmmmHewsxam) 
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THE MACTECH SPOTLIGHT 


Justin 

Williams 


SECOND GEAR 


What's the coolest tech thing you've done using OS X? 

Building Elements, the first Dropbox powered text editor 
for iOS was pretty neat. It doesn’t seem like much now as there 
are so many different choices out there, but being first to 
market has some clear advantages and was a real boost to the 
nerd ego. 


Ever? 

Organizing and coordinating Indie+Relief in January of 
2010 was probably my greatest hit thus far Indie+Relief 
(http://indiereliefxom) was a 1 day charity event where 
hundreds of Mac and iOS developers donated their sales to 
Haitian Relief charities in tlie wake of the earthquake that hit 
the area earlier that month. It was a lot of work, but raising 
over $144,000 is proliably something I’ll never be 
able to do again. 


Where can we see a sample of 
your work? 

All of Second Gear’s stuff is 
available on both the iOS and 
Mac App Stores. You can also see 
screenshots and other stuff at 
secon dgea rsoftwa re. com, 


The next way Tm going 
to impact the Apple 
universe: 

The Mac App Store is 
changing the way the 
desktop sciftware industry is 
shaped. It's evening the 
playing field between widely 
known consumer app markets 
and the less obscure, but 
iiicredihly useful apps. TVe found 
so many little utilities on the Mac App Store 
that have been out for years, but Ed never 
heard of before. Having all those apps in a 
central location right in my Dock is awesome. 


Anything else we should know? 

I tend to tweet quite a lot. Since 1 work alone at home, 
Twitter is my water cooler. I use the @secondgear account to 
about our products and interact with customers and am often 
mistaken for a teen popstar on my personal account @justin. 


http://www.secondgearsoftware.com 


What do you do? 

Crew Chief, though I’m the only person on the crew so 
1 guess I do everything. 


How long have you been doing what 
you do? 

I founded Second Gear the 
day after I graduated college in 
the spring of 2006. 


Are you Mac-only, or a 
multi-platform 
person? 

1 u.se a Mac as my 
primary computer, but I 
.switch between die 
iPhone, Windows Phone 
7, Android and webOS 
for my 

smartphone. Women have 
shoes. I have phones for eveiy' 
occasion. 


What attracts you to working 
on the Mac? 

When I started building apps for the 
Mac it w^as because I had just switched and 
wanted to scratch a few itches of my own. Now that I’m 
several years in, all the improvements in the frameworks and 
tools make it hard for me to take other platforms 
seriously. Apple really understands that good tcK3ls are the key 
to a successful platform. 


What's the coolest thing about the Mac? 

I really like how most of the developers have taste. Great 
software on the Mac not only works great, bul also looks 


great. 


What is the advice you'd give to someone trying to get 
into this line of work today? 

Just build something. An>i:hing. Once youVe polished it 
into a useful and good looking product, put it on the App Store 
and see if you can start building an audience. 




H you Of someone you know b^oags in the ll/kcTedi SpotS^t, kl 
os knowl Send defies to eiStorkd@mactech.(om 
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Mac shopping made easy. 

Grab that to-do list, and prepare for some one-stop shopping at 
Smalldog.com! 
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Bundles simplify the buying process 

Mac bundles (think Mac + RAM + AppleCare + external hard drive, etc.) 
not only include everything you need, but also save you money. 

Visit» Smalldog.com/specials 


Macs from under $500 

We carry all current Macs as well as used, refurbished and closeout 
models, so there is a Mac for any budget. 

Visit» Smalldog.com/macs 


Free shipping over $200 

It’s true-we provide free, same-day ground shipping on every item over 
$200 every day. 


Tax-fre© shopping 

Purchases outside of Vermont are 
always shipped tax-free. 


\/’'irMac»ookPro* 
Chill Pill® mobile speakers 




Small Dog 

Elecfronics 

AliAwgs ^ WoKr Side 


www.$inalldog.coin 

SOO-Sll-NACS 

m Apple Specialist 
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Celebrating 15 years • 3rd Largest Apple Specialist in New England • 5-Star Merchant Rating * Same-day shipping 


Bundles T Macs T Free Shipping T Tax-Free 
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